> On 9 Mar 2015, at 14:28, Stephane Bortzmeyer <bortzme...@nic.fr> wrote:
> 
> On Fri, Mar 06, 2015 at 08:59:20PM +0000,
> Evan Hunt <e...@isc.org> wrote 
> a message of 28 lines which said:
> 
>> (As an aside: I've often wondered why the DNS doesn't have *more*
>> meta-query types, less extensive than ANY, such as a single type
>> covering A and AAAA.
> 
> Probably for the same reason that makes QTYPE=ANY queries very
> difficult to understand for the beginner and counter-intuitive:
> because it is hard to specify the semantics. Imagine there is an ADDR
> meta-query covering A and AAAA. You send QTYPE=ADDR and you get only A
> record(s). Can you be *sure* (and can you validate with DNSSEC) that
> there was no AAAA? Think of the various cases, RD=0, RD=1, caches,
> forwarders, etc.
I wrote this a few years ago:

http://tools.ietf.org/html/draft-bellis-dnsext-multi-qtypes-01

The primary stumbling block was the possibility (given DNSSEC) for multiple 
different RCODEs for the different QTYPEs being requested.

I couldn't think of any failure modes in the non-DNSSEC case, but with signed 
data it's theoretically possible to have valid signatures for the owner name on 
one QTYPE and invalid signatures on another.

Ray

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to