On 2012-10-09, at 21:56, Mark Andrews <ma...@isc.org> wrote:

> Please review draft-andrews-dnsop-rfc6598-rfc6303

OK!

The idea is good. Reverse queries for addresses in 100.64.0.0/10 have been observed in the wild. I agree that this document should proceed.

RFC 6303 did not specify the requirements for updating the IPv4 Locally-Served DNS Zone Registry, but I see the registry is marked "IETF Review" at the IANA, which seems compatible with an Informational document.

> Abstract
>
> [RFC6598] specified that: "reverse DNS queries for 100.64/10 MUST NOT
> be forwarded to the global DNS infrastructure".

I seem to think that references are not allowed in abstract text.

Spell out 100.64.0.0/10, since 100.64 is ambiguous (it's 100.0.0.64 according to BSD libc, for example).

> This document formally requests that IANA add the associated zones to
> the "Locally-Served DNS Zones" to prevent such queries accidentally
> leaking to the global DNS infrastructure.

The word "registry" is missing. The registry is actually called "IPv4 Locally-Served DNS Zone Registry" (see <http://www.iana.org/assignments/locally-served-dns-zones/locally-served-dns-zones.xml#ipv4>).

> 1. Introduction
>
> This is a formal request to add the reverse zones for the address
> space allocated in RFC6598 to the "IPv4 Locally-Served DNS Zone"
> registry established by [RFC6303].

By the time this document is processed by the IANA it will be an RFC-to-be, and hence it's giving direction rather than making a request (formal or otherwise). You're also missing the direction from 6598 that you mentioned in the abstract. I suggest replacing this paragraph with:

'[RFC6598] specified that "reverse DNS queries for 100.64/10 MUST NOT be forwarded to the global DNS infrastructure". [RFC6303] provides guidance on handling such queries.

'This document directs the IANA to add the IPv4 reverse zones corresponding to 100.64.0.0/10, a netblock reserved in [RFC6598], to the IPv4 Locally-Served DNS Zone Registry established in [RFC6303].'

> 2. Changes to Locally-Served DNS Zones
>
> To add the following zone listed in RFC6598 Zones (Section 2.1) to
> the "IPv4 Locally-Served DNS Zone" registry.
>
> 2.1. RFC6598 Zones

I suggest moving all of the content of section 2 to the IANA Considerations section.

> 3. IANA Considerations
>
> This document recommends that IANA the zones listed in RFC6598 Zones
> to the "IPv4 Locally-Served DNS Zone" registry.

See above. This placeholder text can be replaced with the actual direction.

> 4. Security Considerations
>
> As with any other Locally-Served DNS zone, reverse lookups of RFC6598
> zones will require non-default configuration to return anything other
> than NXDOMAIN.

This is a weird sentence. I would replace it with "This document is thought to present no additional security risks to the Internet."

You'll need an Acknowledgements section.

Joe
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
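The two technical points in the message above, the ambiguity of the short form "100.64" and the reverse zones that correspond to 100.64.0.0/10, worked through as an added example; this code is not part of the message or of the draft. The function names are hypothetical, and the parser is a simplified model of the classic BSD `inet_aton()` rule that accepts decimal parts only.

```python
import ipaddress

def bsd_inet_aton(text):
    """Model of BSD inet_aton(): with fewer than four parts, the last
    part fills all remaining low-order bytes (decimal parts only here)."""
    parts = [int(p) for p in text.split(".")]
    if not 1 <= len(parts) <= 4:
        raise ValueError(text)
    *head, last = parts
    width = 8 * (4 - len(head))              # bits left for the final part
    if any(not 0 <= p <= 255 for p in head) or not 0 <= last < (1 << width):
        raise ValueError(text)
    value = last
    for i, p in enumerate(head):
        value |= p << (24 - 8 * i)
    return ipaddress.IPv4Address(value)

def reverse_zones(cidr):
    """Octet-aligned in-addr.arpa zones that together cover an IPv4 prefix."""
    net = ipaddress.ip_network(cidr, strict=True)
    labels = -(-net.prefixlen // 8)          # ceil(prefixlen / 8) octets per zone
    zones = []
    for sub in net.subnets(new_prefix=labels * 8):
        octets = str(sub.network_address).split(".")[:labels]
        zones.append(".".join(list(reversed(octets)) + ["in-addr.arpa"]))
    return zones

def must_stay_local(qname, zones):
    """True if a PTR query name is at or below one of the given zones,
    i.e. a resolver serving those zones locally must not forward it."""
    name = qname.lower().rstrip(".")
    return any(name == z or name.endswith("." + z) for z in zones)

if __name__ == "__main__":
    zones = reverse_zones("100.64.0.0/10")
    print(len(zones), zones[0], "...", zones[-1])
    print("100.64 parses as", bsd_inet_aton("100.64"))
    # Constructed sample query names: inside the block, just outside it,
    # and the reverse name of the mis-parsed short form.
    for q in ("1.0.64.100.in-addr.arpa.", "1.0.128.100.in-addr.arpa.",
              bsd_inet_aton("100.64").reverse_pointer):
        print(q, must_stay_local(q, zones))
```

Because a /10 does not end on an octet boundary, the prefix maps to a run of /16 reverse zones rather than a single zone, which is why spelling the prefix out in full matters when the zone list is derived from it.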