Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi-qtypes-08.txt
Peter Thomassen <peter@desec.io> Fri, 17 November 2023 11:49 UTC
Return-Path: <peter@desec.io>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BA61C151067 for <dnsop@ietfa.amsl.com>; Fri, 17 Nov 2023 03:49:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=a4a.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2-cAqoC7yu1u for <dnsop@ietfa.amsl.com>; Fri, 17 Nov 2023 03:49:52 -0800 (PST)
Received: from mail.a4a.de (mail.a4a.de [IPv6:2a01:4f8:10a:1d5c:8000::8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 10463C14CF1E for <dnsop@ietf.org>; Fri, 17 Nov 2023 03:49:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=a4a.de; s=20170825; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:From: References:To:Subject:MIME-Version:Date:Message-ID:Sender:Reply-To:Cc: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=VhGWDr9romtqYJ+7l+BKhyWjkccbguQAOHozJCv1UoQ=; b=IID12fbCet6ApbSDfGKzdwiBZc iSLtmAbFANVL9HING7W8NanGM+uYfFMXRtVGJmNV/Adhu3yE/JAs9GHVtfhg2Ygvn4+tBjF0YpjgI ewBWODfqsE1tKEYQkPJCANcLG/kmPbc4LI6lJi0uOFovTqIn8xwb0FHcFLwSQxwlh9gHMjWrlC67b uZBi9jhAH736pAcVhGNsbZ6IrxQcOKXsEHhikT3KF0QPhILSttXc9Fczr/QkLXj3eS+uKDLdT6PM3 L8ytPYxfnqQbCaACtBDWy1f2RC2fMxLmu6zlbGTDH1bU0YvJrEkWdlW0WBfxhATIX0W4yLt615HLj 5JasEuGg==;
Received: from [2a02:8109:9283:8800:4131:fbf9:50ee:6a9b] by mail.a4a.de with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from <peter@desec.io>) id 1r3xM4-007JqQ-FZ for dnsop@ietf.org; Fri, 17 Nov 2023 12:49:48 +0100
Message-ID: <0ecd7ce4-79d3-411e-9c7c-ee9602e8c534@desec.io>
Date: Fri, 17 Nov 2023 12:49:47 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: dnsop@ietf.org
References: <169996260219.33611.6405129886775920165@ietfa.amsl.com>
From: Peter Thomassen <peter@desec.io>
In-Reply-To: <169996260219.33611.6405129886775920165@ietfa.amsl.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/yB6LuqK2fWWu621-npfJm47v6uQ>
Subject: Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi-qtypes-08.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Nov 2023 11:49:56 -0000
On 11/14/23 12:50, internet-drafts@ietf.org wrote: > Abstract: > > This document specifies a method for a DNS client to request > additional DNS record types to be delivered alongside the primary > record type specified in the question section of a DNS query. > > The IETF datatracker status page for this Internet-Draft is: > https://datatracker.ietf.org/doc/draft-bellis-dnsext-multi-qtypes/ I think this draft proposal a reasonable method for requesting multiple record types. Section 3.2.1 has three occurrences of "SHOULD/MUST attempt to" do things, such as: MUST attempt to return all specified RR types except where ... Under which circumstances is the "attempt" sufficient? (Is the attempt allowed to fail under circumstances beyond what's in the "except" clause?) Generally, my feeling is that both "MUST attempt" and "SHOULD attempt" actually are "SHOULD". In Section 3.2.3: If the DNS client sets the "DNSSEC OK" (DO) bit in the query then the server MUST also return the related DNSSEC records that would have been returned in a standalone query for the same QTYPE. That MUST is stronger than the "MUST attempt" for the rdata itself. I guess what's meant is something like "MUST return the related DNSSEC records for any returned RRsets, in the same way as they would have been returned ...". Also, "for the same QTYPE" is unclear, it might be misread to refer to the QTYPE appearing in the question section. I guess what's meant is "for the respective QTYPE". Regarding Section 3.1, I tend to agree with Paul's perspective on QTYPE encoding via bit map. Best, Peter -- https://desec.io/
- [DNSOP] I-D Action: draft-bellis-dnsext-multi-qty… internet-drafts
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Paul Wouters
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Ray Bellis
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Paul Wouters
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Ray Bellis
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Paul Wouters
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Ted Lemon
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… John Levine
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Peter Thomassen