On Thu, 21 Jul 2016, Stephane Bortzmeyer wrote:
Subject: [DNSOP] Asking for TCP and/or cookies: a trend? (Was: my lone hum against draft-wkumari-dnsop-multiple-responses
On Wed, Jul 20, 2016 at 02:39:04PM +0200, Peter van Dijk <peter.van.d...@powerdns.com> wrote a message of 26 lines which said:
start of a very slippery slope to make queries or responses to
QTYPEs dependent on the underlying transport protocol (modulo AXFR
of course). Are layering violations acceptable nowadays?
+lots, I see mentions of TCP and/or cookies popping up in more and
more drafts and it has to stop.
It is already in at least one RFC, 7901 (section 5.1).
What is the problem with specifying it in the protocol instead of
leaving it to implementors?
Would people feel better if we did a new document on implementor
guidelines for DNS UDP, TCP and DNS-COOKIES and then refer to that?
Surely we could make that happen, and then it technically no longer
depends on the QTYPE, but on the "DNS answer is much larger than the
DNS question" section.
And I have been wondering if we should allow for a DNS padding in the
query packet to ensure answer packets (over UDP) are going to be
smaller than the query packet. And therefore prevents DDOS
amplification.
Paul
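The padding idea in the message above, as an added example (not code from the thread or from any DNS implementation): a query is padded with the EDNS(0) Padding option (RFC 7830) to a chosen size, and a responder truncates any UDP answer that would be larger than the query it received. The `udp_reply` policy, the helper names and the sample records are assumptions made for illustration.

```python
import struct

OPT_TYPE, PADDING_CODE, TC_FLAG = 41, 12, 0x0200  # RFC 6891 OPT, RFC 7830 Padding, header TC bit

def encode_name(name):
    """Encode a dotted name as uncompressed DNS labels."""
    labels = [lab.encode("ascii") for lab in name.rstrip(".").split(".")]
    return b"".join(bytes([len(lab)]) + lab for lab in labels) + b"\x00"

def build_query(qname, qtype, pad_to, msg_id=0x1234, udp_size=4096):
    """Build a query padded with the EDNS(0) Padding option to exactly pad_to bytes."""
    header = struct.pack("!HHHHHH", msg_id, 0x0100, 1, 0, 0, 1)   # RD set, 1 question, 1 OPT
    question = encode_name(qname) + struct.pack("!HH", qtype, 1)  # class IN
    fixed = len(header) + len(question) + 11 + 4  # OPT RR header (11) + option header (4)
    if pad_to < fixed:
        raise ValueError("pad_to is smaller than the unpadded query")
    option = struct.pack("!HH", PADDING_CODE, pad_to - fixed) + bytes(pad_to - fixed)
    opt_rr = b"\x00" + struct.pack("!HHIH", OPT_TYPE, udp_size, 0, len(option))
    return header + question + opt_rr + option

def question_end(msg):
    """Offset just past the first question (uncompressed name, QTYPE, QCLASS)."""
    i = 12
    while msg[i] != 0:
        i += 1 + msg[i]
    return i + 5

def udp_reply(query, full_response):
    """Assumed server policy: never send more bytes over UDP than the query carried."""
    if len(full_response) <= len(query):
        return full_response
    rid, flags = struct.unpack("!HH", full_response[:4])
    # Otherwise send header + question only with TC set, so the client retries over TCP.
    end = question_end(full_response)
    return struct.pack("!HHHHHH", rid, flags | TC_FLAG, 1, 0, 0, 0) + full_response[12:end]

def sample_response(query, n_answers):
    """Constructed sample: a response carrying n_answers A records (192.0.2.1)."""
    end = question_end(query)
    header = query[:2] + struct.pack("!HHHHH", 0x8180, 1, n_answers, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
    return header + query[12:end] + rr * n_answers

if __name__ == "__main__":
    for size in (44, 200):  # unpadded-size query vs. query padded to 200 bytes
        q = build_query("example.com", 1, size)
        r = udp_reply(q, sample_response(q, 10))
        print(f"query={len(q)}B reply={len(r)}B amplification={len(r) / len(q):.2f}")
```

Because the truncated reply contains only the header and question, it is always shorter than an EDNS query for the same name, so the amplification factor over UDP stays at or below 1.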