Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

Lanlan Pan <abbypan@gmail.com> Mon, 19 April 2021 16:12 UTC

From: Lanlan Pan <abbypan@gmail.com>
Date: Tue, 20 Apr 2021 00:08:34 +0800
To: Ray Bellis <ray@bellis.me.uk>
Cc: dnsop <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/uDLsqWg87Ic5DMccROP3nNiFvnE>

Ray Bellis <ray@bellis.me.uk> wrote on Friday, 16 April 2021 at 4:19 PM:

>
>
> On 14/04/2021 10:19, Stephane Bortzmeyer wrote:
>
> > Regarding dnsop work, the same report suggests to modify RFC 5625 "DNS
> > Proxy Implementation Guidelines" to replace the MAY in section 6.3 by
> > a MUST. I think that the reason there is currently a MAY is not
> > because RFC 5625 finds invalid compression pointers acceptable but
> > simply because some proxies may not perform a full parsing of the RR
> > in the sections.
>
> Yes, that was pretty much it.
>
> Many DNS proxies / ALGs don't inspect the packet contents at all, so a
> stronger generic requirement was not feasible.
>
>
Depends on the use case?
Enterprise DNS proxies may inspect, but home gateway proxies may not.

> (The suggested SERVFAIL response is wrong, I think.  It should've been
> FORMERR)
>
> Ray
>
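For reference, the compression-pointer check discussed in this thread, as a proxy that does parse the sections might implement it. This is an added example, not code from the message, the draft or RFC 5625; `check_name`, `proxy_check` and the sample packet are hypothetical, and it assumes only question and RR owner names are validated (names inside RDATA are skipped), answering FORMERR as the quoted remark suggests.

```c
#include <stdint.h>
#include <stdio.h>

enum { RCODE_NOERROR = 0, RCODE_FORMERR = 1 };
/* Check the name at msg[off]; on success store the offset just past it in *next. */
static int check_name(const uint8_t *msg, size_t len, size_t off, size_t *next) {
    size_t total = 0, limit = off;  /* a pointer must target an offset below limit */
    int jumped = 0;
    for (;;) {
        if (off >= len) return -1;                     /* ran off the message */
        uint8_t b = msg[off];
        if ((b & 0xC0) == 0xC0) {                      /* compression pointer */
            if (off + 1 >= len) return -1;
            size_t target = ((size_t)(b & 0x3F) << 8) | msg[off + 1];
            if (!jumped) { *next = off + 2; jumped = 1; }
            if (target < 12 || target >= limit) return -1;  /* header, self or forward */
            limit = off = target;                      /* strictly backward: no loops */
        } else if (b & 0xC0) {
            return -1;                                 /* reserved label types */
        } else {
            off += 1 + (size_t)b;                      /* length octet plus label */
            total += 1 + (size_t)b;
            if (off > len || total > 255) return -1;   /* overrun or name too long */
            if (b == 0) { if (!jumped) *next = off; return 0; }
        }
    }
}

/* RCODE a parsing proxy would answer with: FORMERR if any owner name is malformed. */
int proxy_check(const uint8_t *msg, size_t len) {
    if (len < 12) return RCODE_FORMERR;
    unsigned qd = (msg[4] << 8) | msg[5], rr = 0;
    for (int i = 6; i < 12; i += 2) rr += (msg[i] << 8) | msg[i + 1];  /* AN+NS+AR */
    size_t off = 12;
    for (unsigned i = 0; i < qd + rr; i++) {
        if (check_name(msg, len, off, &off)) return RCODE_FORMERR;
        off += i < qd ? 4 : 10;                        /* QTYPE/QCLASS or TYPE..RDLENGTH */
        if (off > len) return RCODE_FORMERR;
        if (i >= qd) off += ((size_t)msg[off - 2] << 8) | msg[off - 1];  /* skip RDATA */
        if (off > len) return RCODE_FORMERR;
    }
    return RCODE_NOERROR;
}

/* Constructed sample: question "ab", one A record whose owner name points to offset 12. */
static const uint8_t SAMPLE[] = {0x12,0x34,0x81,0x80,0,1,0,1,0,0,0,0, 2,'a','b',0,0,1,0,1,
    0xC0,0x0C,0,1,0,1,0,0,0,60,0,4,192,0,2,1};
int main(void) { printf("rcode=%d\n", proxy_check(SAMPLE, sizeof SAMPLE)); return 0; }
```

Because every pointer must land strictly below the start of the name that contains it, the walk terminates without a separate hop counter.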