Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-not-optional-02.txt

John R Levine <johnl@taugh.com> Thu, 29 July 2021 15:33 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA41F3A03EE for <dnsop@ietfa.amsl.com>; Thu, 29 Jul 2021 08:33:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=gctFLrph; dkim=pass (2048-bit key) header.d=taugh.com header.b=chFErHBu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YEzb8SUnOq1W for <dnsop@ietfa.amsl.com>; Thu, 29 Jul 2021 08:33:27 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 015A63A03EB for <dnsop@ietf.org>; Thu, 29 Jul 2021 08:33:26 -0700 (PDT)
Received: (qmail 88881 invoked from network); 29 Jul 2021 15:33:25 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=15b2f.6102ca45.k2107; bh=ht8y/IOevRwQDaBYMeRuVXELBxjLjZow5SI1BaSfOW8=; b=gctFLrphue0k8lr6wm59vWiGDHAE6gXJo/FrYTCvqaZhUV6cVmHguJb+wbop4n7WnYDv+C/bJraObBleV7B0yYyFTThNvITy2SW34YtCHrEQDkchOVRcvAa7R4mJ/uBGdOqoGF1R9FbQf77YLCLunuVxMit4dQm2xawM26yL8IuAYj5x0n1ZXlemvt4F76DP2gOyDypYVzHaPQn7hYEYWDuBHzZJcTvtJGk84MGWk9Q0CKK7ThPud2O6BXeBRC85gYjHBfgNky56Ibf2e9L3KhgKXCEZUJGWY4pZZ1awuU7Q5z/RL46eU9I51SI3f/Wp41bD9H4YwgclkyzT2BlYdQ==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=15b2f.6102ca45.k2107; bh=ht8y/IOevRwQDaBYMeRuVXELBxjLjZow5SI1BaSfOW8=; b=chFErHBu+XcBvCfimbCJ/YMaJ6rIwyzXUwrjYvtNwx3FpcmN640v1C6Y+Z8cMsVGlCxQboP2ynxWIx+aMWupS9zytta7UGSlMRT+Idu4t2WbSRRCSrxKqN34FMYvJS1w8XBRFr1kQzRDdTaFOkgO5hq2O5C6Sn+YijEVrYUOhWULqxAo0jfwBcgOANkEBYPjU0pr4AiZCFq80aMEqE7dxGbLACMFCnqIDvAsgzRgmFDaTROdIdubjmpqiOcjb9iAzuRpaPFGYxNpA0VYrmiy98nkNsfBAPYtLfed3HhfZHM1ewWMvskzNV1nQlJ2M4H3pM6Qy/XLPr6hlFuWg6huaA==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 29 Jul 2021 15:33:24 -0000
Received: by ary.qy (Postfix, from userid 501) id 3D47D254ABF7; Thu, 29 Jul 2021 11:33:23 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id E50BD254ABD9; Thu, 29 Jul 2021 11:33:23 -0400 (EDT)
Date: 29 Jul 2021 11:33:23 -0400
Message-ID: <d5778e88-3199-965-43c6-4aa9ea56456d@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Jared Mauch" <jared@puck.nether.net>
Cc: dnsop@ietf.org, paul@nohats.ca
X-X-Sender: johnl@ary.qy
In-Reply-To: <F802A049-F073-4FC2-A19F-2342CE44AF69@puck.nether.net>
References: <20210728041631.CCAA8253A750@ary.qy> <F802A049-F073-4FC2-A19F-2342CE44AF69@puck.nether.net>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="0-1425476999-1627572803=:17918"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/tRpnkpI5VLEVeXusK7O-mfCGshE>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-glue-is-not-optional-02.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jul 2021 15:33:34 -0000

On Thu, 29 Jul 2021, Jared Mauch wrote:
> I think calling out that it’s possible people will create situations where a name won’t resolve, is similar to what happens with routing that isn’t deterministic as well.  We should be defining how to determinsticly resolve a name and highlight that it’s flexible enough you can configure it so it won’t work.

Sounds reasonable.  I'd also like us to keep in mind what our capitalized 
words mean.  MUST means "do this to interoperate".  The only MUST I've 
seen in this document is that servers MUST return all in-bailiwick glue.

I don't think there's anything harmful about returning sibling glue, but 
it is 100% optional. Ignoring NS loops, anything you can get with sibling 
glue you can get by another query, which makes it a MAY.  Maybe two 
queries are slower, maybe the single response with extra glue needed a 
retry with TCP while the two simpler responses could each use UDP, so 
maybe not.

Conflating it with in-bailiwick glue is 100% confusing, which I why I 
think we should drop it and stick to the important point about all the 
in-bailiwick glue.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly