draft-ietf-ipngwg-dns-lookups-04.txt

Paul A Vixie paul at vix.com
Tue Jun 29 14:54:01 UTC 1999 

------- Blind-Carbon-Copy

To: Erik Nordmark <Erik.Nordmark at eng.sun.com>
cc: Jim Bound <bound at zk3.dec.com>, Matt Crawford <crawdad at fnal.gov>,
    ipng at sunroof.eng.sun.com, namedroppers at internic.net
Subject: Re: draft-ietf-ipngwg-dns-lookups-04.txt 
In-reply-to: Your message of "Tue, 29 Jun 1999 01:01:49 PDT."
             <Roam.SIMC.2.0.6.930643309.24583.nordmark at jurassic> 
Date: Tue, 29 Jun 1999 07:54:01 -0700
From: Paul A Vixie <vixie at bb.rc.vix.com>

note: i have removed

	, bindv9 at isc.org,
	bind-workers at isc.org

from the CC list, since these are internal ISC lists and should not have
been CC'd (or mentioned in public, for that matter) by a thread which also
hit namedroppers and ipng.  bad jim, no bone.  they might have been BCC'd;
those of you who are on them will know :-).

> To add to Thomas' concern about specifying transition:
> 
> There is some interaction between the transition strategy in the resolver
> since section 7 says:
>     A server providing recursive service MAY be configurable to
>     synthesize AAAA records from A6 records in response to clients' AAAA
>     queries.
>
> If a server does this and the resolvers ask for AAAA before A6
> then how can the server tell that the resolver is capable of
> asking for A6 records so it can skip the synthesis?

that's one possible bad thing.  but record synthesis has to be very
carefully considered -- and in this case after carefully considering it
i hereby object to doing it for AAAA.

if we want to specify a metaquery that can be satisfied by either AAAA
or A6 records (or A records for that matter) then by all means let's make
one.  MAILA and MAILB are metaqueries.  they have no corresponding RRTYPES;
they are examples of QTYPE being a subtype of RRTYPE in the DNS specs.

but answering with types not in evidence, or making things up on the fly,
or putting unrelated things in as additional data, will all screw DNSSEC in
different ways.  repeat after me: dns is a coherent, reliable, distributed,
autonomous database.  it is not a directory service.  it encodes policy as
facts, and returns those facts reliably to questioners.  it does not 
directly deal in policy.

> This issue points out that we need the resolver and server
> transition written down so that the WGs and the IESG can check 
> that things work well together.
> Just having the transition strategy for the DNS server isn't enough.

this is certainly also true.


------- End of Blind-Carbon-Copy

More information about the bind-workers mailing list