Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems
Chris Thompson <cet1@cam.ac.uk> Wed, 04 March 2009 19:54 UTC
Return-Path: <cet1@hermes.cam.ac.uk>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D7C0D3A6D27 for <ietf@core3.amsl.com>; Wed, 4 Mar 2009 11:54:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.888
X-Spam-Level:
X-Spam-Status: No, score=-4.888 tagged_above=-999 required=5 tests=[AWL=1.411, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cSSTj9+AF960 for <ietf@core3.amsl.com>; Wed, 4 Mar 2009 11:54:20 -0800 (PST)
Received: from ppsw-5.csi.cam.ac.uk (ppsw-5.csi.cam.ac.uk [131.111.8.135]) by core3.amsl.com (Postfix) with ESMTP id 0A1373A6BC4 for <ietf@ietf.org>; Wed, 4 Mar 2009 11:54:20 -0800 (PST)
X-Cam-AntiVirus: no malware found
X-Cam-SpamDetails: not scanned
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
Received: from hermes-2.csi.cam.ac.uk ([131.111.8.54]:56059) by ppsw-5.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.155]:25) with esmtpa (EXTERNAL:cet1) id 1LexAr-0007xW-Hn (Exim 4.70) (return-path <cet1@hermes.cam.ac.uk>); Wed, 04 Mar 2009 19:54:37 +0000
Received: from prayer by hermes-2.csi.cam.ac.uk (hermes.cam.ac.uk) with local (PRAYER:cet1) id 1LexAr-00078P-GI (Exim 4.67) (return-path <cet1@hermes.cam.ac.uk>); Wed, 04 Mar 2009 19:54:37 +0000
Received: from [131.111.11.47] by webmail.hermes.cam.ac.uk with HTTP (Prayer-1.3.1); 04 Mar 2009 19:54:37 +0000
Date: Wed, 04 Mar 2009 19:54:37 +0000
From: Chris Thompson <cet1@cam.ac.uk>
To: Ondřej Surý <ondrej.sury@nic.cz>
Subject: Re: [dnsext] RFC 3484 section 6 rule 9 causing more operational problems
Message-ID: <Prayer.1.3.1.0903041954370.14031@hermes-2.csi.cam.ac.uk>
In-Reply-To: <e90946380903041020l212909c0sa071be8c833e2e80@mail.gmail.com>
References: <alpine.LSU.2.00.0903041400220.8701@hermes-2.csi.cam.ac.uk> <20563.1236179832@nsa.vix.com> <alpine.LSU.2.00.0903041531250.8701@hermes-2.csi.cam.ac.uk> <25914.1236186707@nsa.vix.com> <20090304175748.GB24212@vacation.karoshi.com.> <e90946380903041020l212909c0sa071be8c833e2e80@mail.gmail.com>
X-Mailer: Prayer v1.3.1
Mime-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Sender: Chris Thompson <cet1@hermes.cam.ac.uk>
X-Mailman-Approved-At: Thu, 05 Mar 2009 09:26:44 -0800
Cc: Paul Vixie <vixie@isc.org>, bmanning@vacation.karoshi.com, ietf@ietf.org, namedroppers@ops.ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Mar 2009 19:54:20 -0000
On Mar 4 2009, Ondřej Surý wrote: >On Wed, Mar 4, 2009 at 6:57 PM, <bmanning@vacation.karoshi.com> wrote: [...] >> DNSSEC does reorder RRSets within a zone. Which is a new feature. > >When we started talking about order of RRSets? This is purely discussion >about order of RRs in RRSet. Order of RRSets in zone is irrelevant before >DNSSEC and also after DNSSEC. Nothing depends on order of RRSets >at least in my best knowledge. I took Bill to mean "DNSSEC does reorder RRs within an RRset" anyway, as I don't know in what other sense DNSSEC is relevant at all. But the canonical ordering of RRs within an RRset for signing purposes says nothing about the presentation order in the answers to DNS queries. And in fact a certain well-known nameserver implementation not unassociated with Paul still supports all the rrset-order and sortlist controls, which work for secured zones as well as unsecured ones. -- Chris Thompson Email: cet1@cam.ac.uk
- RFC 3484 section 6 rule 9 causing more operationa… Tony Finch
- Re: RFC 3484 section 6 rule 9 causing more operat… Andrew Sullivan
- Re: RFC 3484 section 6 rule 9 causing more operat… Tony Finch
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Tony Finch
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Tony Finch
- Re: [dnsext] Re: RFC 3484 section 6 rule 9 causin… Tony Finch
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Tony Finch
- RE: [dnsext] RFC 3484 section 6 rule 9 causing mo… Christian Huitema
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Florian Weimer
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Nicholas Weaver
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Ondřej Surý
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Paul Vixie
- Re: [dnsext] Re: RFC 3484 section 6 rule 9 causin… Tony Finch
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Tony Finch
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Mark Andrews
- Re: RFC 3484 section 6 rule 9 causing more operat… Jari Arkko
- Re: RFC 3484 section 6 rule 9 causing more operat… Tim Chown
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Tony Finch
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… bmanning
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Chris Thompson
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Florian Weimer
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Florian Weimer
- Re: [dnsext] Re: RFC 3484 section 6 rule 9 causin… Florian Weimer
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Ondřej Surý
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Ondřej Surý
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Paul Vixie
- Re: [dnsext] Re: RFC 3484 section 6 rule 9 causin… Paul Vixie
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Paul Vixie
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Tony Finch
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Paul Vixie
- Re: [dnsext] RFC 3484 section 6 rule 9 causing mo… Paul Vixie
- Re: [dnsext] Re: RFC 3484 section 6 rule 9 causin… Paul Vixie
- Re: [dnsext] Re: RFC 3484 section 6 rule 9 causin… Danny Mayer
- Re: [dnsext] Re: RFC 3484 section 6 rule 9 causin… Ask Bjørn Hansen
- Re: [dnsext] Re: RFC 3484 section 6 rule 9 causin… Florian Weimer
- Re: [dnsext] Re: RFC 3484 section 6 rule 9 causin… Danny Mayer
- Re: RFC 3484 section 6 rule 9 causing more operat… Arifumi Matsumoto