Re: [Gen-art] Gen-ART Review of draft-ietf-dnsop-edns-client-subnet-04

David C Lawrence <> Tue, 15 December 2015 16:50 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id BE02A1A8860; Tue, 15 Dec 2015 08:50:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.011
X-Spam-Status: No, score=-2.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id cfqAJgwStzEp; Tue, 15 Dec 2015 08:50:29 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 6688D1A8A78; Tue, 15 Dec 2015 08:50:25 -0800 (PST)
Received: from (localhost.localdomain []) by postfix.imss70 (Postfix) with ESMTP id A39DD43343C; Tue, 15 Dec 2015 16:50:24 +0000 (GMT)
Received: from ( []) by (Postfix) with ESMTP id 8D787433437; Tue, 15 Dec 2015 16:50:24 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=a1; t=1450198224; bh=9bvQP3zgbAiOpGqQgA8BfZj+5k22CwoBKm0TAw1Q7Tg=; l=1690; h=Date:From:To:Cc:In-Reply-To:References:From; b=TAVKgIHO5euNlKXWBaqH/cpT5o8nRwd5xRybFqVM/b03FxKvg9VW9ojF2S2uoFWxf a+Qnr7Z1djbhKNbLjaRYFkoMtP/lZDYkdf1+ygAtbkZKbJ1eYMwy57JdKtw2SnVI2s 6a9A7qgZaOx1Eel+rlDk98mQcCrege+97G0uLdq8=
Received: from ( []) by (Postfix) with ESMTP id 4EC1B2035; Tue, 15 Dec 2015 16:50:24 +0000 (GMT)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <>
Date: Tue, 15 Dec 2015 11:50:24 -0500
From: David C Lawrence <>
To: Warren Kumari <>
In-Reply-To: <>
References: <> <> <>
Archived-At: <>
Cc: IETF Gen-ART <>,, IETF <>
Subject: Re: [Gen-art] Gen-ART Review of draft-ietf-dnsop-edns-client-subnet-04
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 15 Dec 2015 16:50:31 -0000

> > In Section 7.1.1, can you add a sentence or reference to explain "lame
> > delegation"?  I recognize that this type of error results when a name
> > server is designated as the authoritative server for a domain name and
> > that server does not have authoritative data.
> [ AUTHORS: This was a term that was left out of the terminology draft. Do
> you have any suggestions for how we can reword this to remove the need for
> the term? ]

"... to distinguish the respone from one where the Authoritative
Nameserver is not responsible for the name, which is a common
convention for the REFUSED status."

> > Section 7.4 says: "Several other implementations, however, do not
> > support being able to mix positive and negative answers, and thus
> > interoperability is a problem."  Then, the next paragraph says that
> > this topic will be revisited in a future specification.  Is there any
> > advice that the authors can share as a step toward interoperability
> > that would be useful for implementers until the future specification
> > comes about?
> [ AUTHORS: Any text for here? ]

The current situation is such that I think it is best just to say only
something like, "It is recommended that no specific behaviour
regarding negative answers be relied upon."

Personally my proposal is going to be that negative answers be allowed
to be scoped the same way that positive answers can be, but I don't
expect it to be without some controversy and it wouldn't be right for
me to insert by own bias into this document -- especially since Wilmer
is one of the people who has said that he doesn't think ECS should be
able to be used with negative answers.