Re: [DNSOP] 4035 3.1.4.1 erratum? dig ds root-servers.net @X.root-servers.net

神明達哉 <jinmei@wide.ad.jp> Thu, 11 January 2018 19:26 UTC

To: Ólafur Guðmundsson <olafur@cloudflare.com>
Cc: dnsop <dnsop@ietf.org>, Peter van Dijk <peter.van.dijk@powerdns.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/rQWncwQ9eTO6ZJweGFsCvZfj4R8>

At Wed, 10 Jan 2018 17:05:00 -0800,
Ólafur Guðmundsson <olafur@cloudflare.com> wrote:

> >    That is, it answers as if it is authoritative and the DS record does
> >    not exist.  DS-aware recursive nameservers will query the parent zone
> >    at delegation points, so will not be affected by this.
> >
> I hate having my own RFC thrown at me,
> but it may or may not apply as there is another corner case that I/WG did
> not consider,
> what if the NameServer is authoritative for a zone above the parent.
> In this case it has to select does it answer from the closest zone that can
> answer DS record or
> from the zone itself.
>
> In the spirit of being helpful to recursive resolvers the right answer IMHO
> is the referral from the
> zone above the query name.

I'm not sure if I understand you so please let me be more explicit.
Are you talking about the so-called grandparent problem case, like the
case of this thread?

>> The root servers are authoritative for root-servers.net. and for . , but not for net

and, when this server gets a query for root-servers.net/DS, it should
return a referral to net instead of a NODATA answer?  (If so, I'm
confused about what you said above "another corner case that I/WG did
not consider", since 2.2.1.2 of RFC3658 actually talks about that
corner case).

--
JINMEI, Tatuya
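
The server situation discussed in this message, as an added example that is not part of the original email or of any name server's code: a small classifier that, given the zones a server holds, recognises when a DS query hits the "grandparent" case and lists the two candidate responses the thread is debating. The zone data, function names and case labels are constructed for illustration.

```python
# Added example: constructed model, not code from any name server.
ROOT = "."

def is_above(anc, name):
    """True if anc is a strict ancestor of name (both lowercase FQDNs)."""
    return anc != name and (anc == ROOT or name.endswith("." + anc))

def depth(name):
    """Number of labels in an FQDN; the root has zero."""
    return 0 if name == ROOT else name.count(".")

def classify_ds_query(zones, qname):
    """zones maps each served zone apex to the delegation points inside it.

    Returns (case, detail) describing how this server relates to qname/DS.
    """
    child_held = qname in zones
    above = [z for z in zones if is_above(z, qname)]
    if not above:
        if child_held:
            # Only the child side of the zone cut is served here.
            return ("child-only", f"NODATA from {qname}")
        return ("not-authoritative", None)
    ancestor = max(above, key=depth)  # closest enclosing zone we serve
    # A delegation strictly between ancestor and qname means the parent
    # zone (the one that would hold the DS RRset) lives on other servers.
    cuts = [c for c in zones[ancestor] if is_above(c, qname)]
    if not cuts:
        return ("parent-held", f"authoritative answer from {ancestor}")
    cut = min(cuts, key=depth)
    if child_held:
        # Grandparent case: the two responses discussed in the thread.
        return ("grandparent",
                (f"NODATA from {qname}", f"referral to {cut} from {ancestor}"))
    return ("ancestor-only", f"referral to {cut} from {ancestor}")

# Constructed zone data mirroring the thread: a root server holds "." and
# "root-servers.net." but not "net.".
ROOT_SERVER = {".": {"net.", "org."}, "root-servers.net.": set()}

if __name__ == "__main__":
    for q in ("root-servers.net.", "net.", "example.net."):
        print(q, classify_ds_query(ROOT_SERVER, q))
```
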