[bind10-dev] CNAME, DNAME and authority section
Michal 'vorner' Vaner
michal.vaner at nic.cz
Sat Feb 5 17:32:31 UTC 2011
Hello
On Sun, Feb 06, 2011 at 12:53:20AM +1100, Mark Andrews wrote:
> In message <20110205083800.GA10642 at tarantula>, Michal 'vorner' Vaner writes:
> > I'm facing a slight problem about behaviour. If the auth server puts a CNAM=
> > E or
> > DNAME into the answer, the specs are somehow silent regarding what should b=
> > e put
> > into the authority section (if anything).
>
> Go re-read RFC 1034. It isn't silent.
Thanks for your pointer, I did reread it and I found interesting information
there.
Both according to the algorithm and to the examples, it seems that the authority
section should be left empty (or, more precisely, it doesn't say anything should
be put into there in case of success).
Therefore, all nameservers that currently live in the wild do that not in
conformance of that RFC (but, it seems, neither against it, as nothing seems to
forbid adding more data anywhere into the packet), which means we are free to do
whatever we like in case of success, and that includes finding a CNAME or DNAME.
That is what I mean it is silent to the current point ‒ it neither says we
should nor we shouldn't.
Of course, I might missed something or might have misinterpreted it, in which
case I'll be very happy for a more concrete pointer or explanation.
But if I'm right, the original question, what should we do with regard to
authority section in case of CNAME or DNAME is still left open.
Thank you
With regards
--
BOFH Excuse #430:
Mouse has out-of-cheese-error
Michal 'vorner' Vaner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind10-dev/attachments/20110205/c114ed65/attachment.bin>
More information about the bind10-dev
mailing list