Hi Stephane, Does this change address your concerns?
diff --git a/draft-ietf-dprive-dns-over-tls.xml
b/draft-ietf-dprive-dns-over-tls.xml
index a0ae144..a40cec8 100644
--- a/draft-ietf-dprive-dns-over-tls.xml
+++ b/draft-ietf-dprive-dns-over-tls.xml
@@ -394,7 +394,7 @@
<!-- cut-n-paste from rfc5966-bis sec 7 -->
Since pipelined responses can arrive out-of-order, clients
MUST match responses to outstanding queries using the ID
- field and port number. Failure by clients to properly
+ field, query name, type, and class. Failure by clients to properly
match responses to outstanding queries can have serious
consequences for interoperability (<xref
target="I-D.ietf-dnsop-5966bis"/>, Section 7).
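Review bot: matching on the ID plus query name, type, and class is the right fix for the objection in the quoted reply (every response on one TCP connection carries the same source and destination ports, so the port number cannot demultiplex anything), but the comment directly above the paragraph still calls it a verbatim cut-n-paste from rfc5966-bis Section 7, and the sentence still cites that section as its source. Either update the comment to record the local edit or confirm the wording now agrees with the cited section so the two documents do not drift apart. Consider also saying explicitly that the name, type and class are taken from the response's question section, since that is the only place a response carries them.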
@@ -403,7 +403,7 @@
<section anchor="Connection" title="Connection Reuse, Close and
Reestablishment">
<t>
- For DNS clients that use library functions such as "gethostbyname()",
+ For DNS clients that use library functions such as "getaddrinfo()"
and "gethostbyname()",
current implementations are known to open and close TCP connections
each DNS
call. To avoid excess TCP connections, each with a single query,
clients SHOULD reuse a single TCP connection to the
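Review bot: adding "getaddrinfo()" answers the quoted objection that gethostbyname() was superseded in RFC 2133, but listing both without comment leaves the reader unsure why the older name is kept; say that gethostbyname() stays because existing callers still use it, or drop it. Two nits in the same paragraph: the `+` line appears wrapped across two lines in this copy of the patch (`"getaddrinfo()"` / `and "gethostbyname()",`), so check that the real diff keeps it on one line, and the untouched context `open and close TCP connections each DNS call` is missing a preposition (`on each DNS call`), worth fixing while the paragraph is being edited.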
> On Sep 21, 2015, at 7:48 AM, Stephane Bortzmeyer <[email protected]> wrote:
>
> On Fri, Sep 18, 2015 at 05:03:58PM -0400,
> Warren Kumari <[email protected]> wrote
> a message of 97 lines which said:
>
>> We would appreciate it if the WG could do a careful review of this
>> document and point out the issues, inconsistencies, errors and
>> omissions.
>
> I did not find a serious problem. I have one question and one
> criticism.
>
>> Since pipelined responses can arrive out-of-order, clients MUST
>> match responses to outstanding queries using the ID field and port
>> number.
>
> I do not understand how this works. All replies on a given TCP
> connection will have the same source port (the new well-known port)
> and the same destination port (the one used to open the TCP
> connection). So, how do you use the port number for demultiplexing?
> Why not use the QNAME instead? (The query ID may be insufficient if
> there are a lot of outstanding queries + the birthday paradox.)
>
>> For DNS clients that use library functions such as
>> "gethostbyname()",
>
> This was replaced by a better function in RFC 2133, in 1997...
>
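The matching rule under discussion, message ID together with the question section, because every response on a single TCP connection carries the same port pair and so the ports cannot distinguish pipelined responses, as an added Python example that is not part of the draft or of either message in this thread. The message builder, the `PipelinedConnection` class, and all query and response messages are constructed for illustration; the scenario includes two outstanding queries that share an ID, a response whose QNAME differs only in case, and a stray response for a query that was never sent.

```python
import struct

# Added example, not from the draft or the mailing-list thread. It models the
# rule discussed above: on one TCP connection every response shares the same
# source and destination ports, so a client must demultiplex pipelined,
# out-of-order responses using the message ID together with the question
# section (QNAME, QTYPE, QCLASS). All messages below are constructed.

def encode_name(name: str) -> bytes:
    """Wire-encode a domain name as length-prefixed labels ending in a zero octet."""
    out = b""
    for label in name.rstrip(".").split("."):
        if label:
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_message(msg_id: int, qname: str, qtype: int, qclass: int = 1,
                  response: bool = False) -> bytes:
    """Build a minimal DNS message: 12-byte header plus one question, no answers."""
    flags = 0x8180 if response else 0x0100      # QR|RD|RA for responses, RD for queries
    header = struct.pack("!HHHHHH", msg_id, flags, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, qclass)

def decode_name(data: bytes, offset: int):
    """Decode an uncompressed name at offset; return (lower-cased name, next offset)."""
    labels = []
    while True:
        length = data[offset]
        offset += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compression pointers are not used in question names here")
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels).lower() + ".", offset

def parse_question(data: bytes):
    """Return (id, qname, qtype, qclass); qname is None if there is no question section."""
    msg_id, _flags, qdcount, _an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if qdcount == 0:
        return msg_id, None, None, None
    qname, off = decode_name(data, 12)
    qtype, qclass = struct.unpack("!HH", data[off:off + 4])
    return msg_id, qname, qtype, qclass

class PipelinedConnection:
    """Outstanding-query table for a single DNS-over-TCP/TLS connection (constructed)."""

    def __init__(self):
        self.outstanding = {}   # (id, qname, qtype, qclass) -> query bytes
        self.unmatched = 0      # responses dropped because nothing matched

    def send(self, query: bytes) -> None:
        key = parse_question(query)
        if key in self.outstanding:
            # Same ID and same question: the two responses would be indistinguishable.
            raise ValueError("duplicate outstanding query on this connection")
        self.outstanding[key] = query

    def receive(self, response: bytes):
        """Return the matching query, or None (and count it) if nothing matches."""
        key = parse_question(response)
        query = self.outstanding.pop(key, None) if key[1] is not None else None
        if query is None:
            self.unmatched += 1     # never accept an answer that matches no open query
        return query

def run_demo():
    """Three pipelined queries, two sharing an ID, answered out of order plus one stray."""
    conn = PipelinedConnection()
    conn.send(build_message(0x1234, "example.com", 1))    # A     id 0x1234
    conn.send(build_message(0x1234, "example.net", 1))    # A     id 0x1234 (ID collision)
    conn.send(build_message(0x5678, "example.com", 28))   # AAAA  id 0x5678
    arrivals = [
        build_message(0x1234, "example.net", 1, response=True),
        build_message(0x5678, "EXAMPLE.com", 28, response=True),  # case differs; still matches
        build_message(0x1234, "example.org", 1, response=True),   # never asked: must be dropped
        build_message(0x1234, "example.com", 1, response=True),
    ]
    matched = []
    for resp in arrivals:
        q = conn.receive(resp)
        if q is not None:
            _id, name, qtype, _cls = parse_question(q)
            matched.append((name, qtype))
    return matched, conn.unmatched, len(conn.outstanding)

if __name__ == "__main__":
    print(run_demo())
```

With ID-only matching the first 0x1234 response would have been handed to whichever query the client checked first, and the stray example.org response would have been accepted as an answer for one of the open queries; keying the table on the full question section resolves both, and a response that matches no outstanding query is counted and discarded rather than trusted.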
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
