Re: [DNSOP] ANAME in answer or additional section [issue #62]

Bob Harold <rharolde@umich.edu> Tue, 11 June 2019 12:53 UTC

References: <3b136e34-7ec0-e144-2c2a-0885185ec2b1@pletterpet.nl>
In-Reply-To: <3b136e34-7ec0-e144-2c2a-0885185ec2b1@pletterpet.nl>
From: Bob Harold <rharolde@umich.edu>
Date: Tue, 11 Jun 2019 08:53:30 -0400
Message-ID: <CA+nkc8CtGiykZU5fWRrvo5q1fFixk-udads=uEGKrmALYvuTaA@mail.gmail.com>
To: Matthijs Mekking <matthijs@pletterpet.nl>
Cc: "dnsop@ietf.org" <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/svuvyRQmN6ZVwnYBdnrHCANHegU>
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>

On Tue, Jun 11, 2019 at 4:32 AM Matthijs Mekking <matthijs@pletterpet.nl>
wrote:

> All,
>
>
> While working on the next version of the ANAME draft, one additional
> question came up: When querying for A or AAAA, we want to include the
> ANAME in the response as a signal to anticipate aliasing.  Should we
> include the ANAME record in the answer section or the additional section?
>
> The main argument for putting it in the additional section is that given
> the experience with DNAME, putting the ANAME in the answer section there
> is a risk of interop problems (because there is an unexpected record in
> the answer section).
>
> The main argument for putting it in the answer section is that putting
> it in the additional section implies a lower trust level, and that the
> record is optional and can be removed when minimizing responses.
>
> Does the working group have any thoughts on this?
>
> Issue is tracked here: https://github.com/each/draft-aname/issues/62
>
>
> Best regards,
>
> Matthijs
>

If the camel was not already overloaded, then a cautious approach might be
to put it in the additional section, *unless* there was a capability signal
in the request that indicated that the requester would understand ANAME, or
at least not have a problem if it were in the answer section.  I am
guessing that the capability signal would be some EDNS option, or perhaps
an EDNS version.  Is that reasonable?

-- 
Bob Harold