[dnsext] RFC 2308 & RFC 4035

Edward Lewis <Ed.Lewis@neustar.biz> Fri, 25 February 2011 18:34 UTC

I have a question referring to two sections in two RFCs, prompted by 
the resimprove draft.

RFC 4035:
5.4.  Authenticated Denial of Existence
...
    o  If the requested RR name matches the owner name of an
       authenticated NSEC RR, then the NSEC RR's type bit map field lists
       all RR types present at that owner name, and a resolver can prove
       that the requested RR type does not exist by checking for the RR
       type in the bit map.  ...

And in RFC 2308:
5 - Caching Negative Answers
...
    A negative answer that resulted from a no data error (NODATA) should
    be cached such that it can be retrieved and returned in response to
    another query for the same <QNAME, QTYPE, QCLASS> that resulted in
    the cached negative response.

Let's say this happens:

at 10am a cache receives a response to a query for example.tld./IN/A that says

example.tld.   3600    NSEC3   a.example.tld.  SOA NS DNSKEY RRSIG NSEC

at 10:15am the cache gets a query for example.tld./IN/AAAA.

Should the cache reply with a NoData response or should it try to 
query for the AAAA?

If the answer to the previous is "it should rely on the cached NSEC:" 
What if I said that at 10:10am, the authority was updated with a new 
zone that had an AAAA RRset at the apex?
-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis             
NeuStar                    You can leave a voice message at +1-571-434-5468

Me to infant son: "Waah! Waah! Is that all you can say?  Waah?"
Son: "Waah!"
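
The two cache behaviours the message contrasts, run over its own 10:00 / 10:10 / 10:15 timeline. This is an added example, not part of the original post; the classes, the reuse_bitmap switch and the minute-based clock are hypothetical, and the cached NSEC is assumed to have been validated already.

```python
# Constructed model of the timeline in the message; every name here is hypothetical.
# Times are minutes since midnight (10:00 = 600); the 3600 s TTL is 60 minutes.
BASE = frozenset({"SOA", "NS", "DNSKEY", "RRSIG", "NSEC"})  # bit map from the message

class Authority:
    """Toy authoritative server whose apex gains an AAAA RRset at 10:10."""
    def query(self, qname, qtype, now):
        types = BASE | {"AAAA"} if now >= 610 else BASE
        if qtype in types:
            return "ANSWER", None
        return "NODATA", {"owner": qname, "types": types, "expires": now + 60}

class Cache:
    def __init__(self, authority, reuse_bitmap):
        self.authority = authority
        self.reuse_bitmap = reuse_bitmap  # True: apply RFC 4035 5.4 to cached NSECs
        self.negative = {}                # RFC 2308 sec. 5: (qname, qtype, qclass) -> expiry
        self.nsec = {}                    # owner name -> cached NSEC
        self.upstream = 0                 # queries sent to the authority

    def resolve(self, qname, qtype, now, qclass="IN"):
        if self.negative.get((qname, qtype, qclass), -1) > now:
            return "NODATA (cached tuple)"
        rec = self.nsec.get(qname)
        if self.reuse_bitmap and rec and rec["expires"] > now and qtype not in rec["types"]:
            return "NODATA (NSEC bit map)"
        self.upstream += 1
        rcode, nsec = self.authority.query(qname, qtype, now)
        if rcode == "NODATA":
            self.negative[(qname, qtype, qclass)] = nsec["expires"]
            self.nsec[qname] = nsec
            return "NODATA (authority)"
        return "ANSWER"  # positive caching is left out of this model

def run_timeline(reuse_bitmap):
    cache = Cache(Authority(), reuse_bitmap)
    return (cache.resolve("example.tld.", "A", 600),     # 10:00
            cache.resolve("example.tld.", "AAAA", 615),  # 10:15, after the 10:10 update
            cache.resolve("example.tld.", "AAAA", 661),  # 11:01, NSEC TTL has run out
            cache.upstream)

if __name__ == "__main__":
    for policy in (False, True):
        print("reuse_bitmap =", policy, "->", run_timeline(policy))
```

With reuse_bitmap off, the 10:15 AAAA query goes upstream and sees the new RRset; with it on, the cache answers NODATA from the stale bit map until the NSEC's TTL expires.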