Re: [DNSOP] opportunistic semi-authoritative caching (Re: DNSOP Call for Adoption - draft-tale-dnsop-serve-stale)

Paul Vixie <> Fri, 08 September 2017 05:28 UTC

From: Paul Vixie <>
To: Joe Abley <>
Date: Thu, 07 Sep 2017 22:28:30 -0700
Message-ID: <8183111.Lxug4lBFgO@localhost.localdomain>
Organization: Vixie Freehold

On Thursday, September 07, 2017 11:08:43 PM Joe Abley wrote:
> >> Would you see the querying application informing you of intent via
> >> option code saying "If I'm unable to talk to you once TTL expires, I may
> >> serve your last known good answer"?
> > 
> > i don't think so. if it was "may i serve your last good answer?" then yes.
> > but with it as "i may" and the ? outside the quotes as shown above, then
> > no.
> There's a recursive operator with whom Jared and tale may be familiar that
> some time ago had a feature called "pinning" whereby particular names that
> were known to be availability-sensitive (their non-availability caused
> great disturbance in the helpdesk) could be "pinned" -- that is, in the
> recursive server, they were configured never to expire from the cache. They
> could be refreshed, but they would not expire.

the domain name system is the world's first and only distributed, coherent, 
autonomous, reliable database. if someone decides, for the sake of their help 
desk, to use my data for longer than the TTL i signaled, that's an affront to 
both coherence and autonomy, and they should stop.

if they really need this, they should provide a method by which i can specify 
both a TTL and an Expiry, and i will consider publishing both values, and if i 
do, then they can use them the way i intend them. because as i said, autonomy. 
it's my data, and my TTL.
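
The three behaviours discussed in this thread (strict TTL, operator "pinning", and an owner-published Expiry alongside the TTL) modelled as a resolver cache decision. This is an added example, not part of the message; the `expiry` field, the policy names and `lookup` are hypothetical, and it assumes Expiry is counted from fetch time like the TTL, since the message describes no wire format.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class CacheEntry:
    rdata: str
    fetched_at: int                # resolver clock, seconds
    ttl: int                       # TTL signalled by the zone owner
    expiry: Optional[int] = None   # hypothetical owner-signalled stale limit; None = not published


def lookup(entry: CacheEntry, now: int, upstream_ok: bool,
           policy: str) -> Tuple[Optional[str], str]:
    """Decide what the resolver does with one cached entry.

    policy is 'strict', 'pinned' or 'owner-expiry' (labels invented for this example).
    Returns (rdata or None, state).
    """
    age = now - entry.fetched_at
    if age < entry.ttl:
        return entry.rdata, "fresh"
    if upstream_ok:
        # TTL has run out and the authority answers: every policy refreshes.
        return None, "refetch"
    if policy == "pinned":
        # Operator-side choice: the owner's TTL is ignored with no upper bound.
        return entry.rdata, "stale-unbounded"
    if policy == "owner-expiry" and entry.expiry is not None and age < entry.expiry:
        # Stale answer served only inside the window the owner published.
        return entry.rdata, "stale-permitted"
    return None, "servfail"


if __name__ == "__main__":
    # Constructed sample: TTL 300 s, owner-published Expiry 3600 s, authority unreachable.
    e = CacheEntry("192.0.2.10", fetched_at=0, ttl=300, expiry=3600)
    for policy in ("strict", "pinned", "owner-expiry"):
        for now in (100, 400, 4000, 86400):
            print(policy, now, lookup(e, now, upstream_ok=False, policy=policy))
```
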