> On Dec 2, 2016, at 2:55 PM, 神明達哉 <jin...@wide.ad.jp> wrote:
>
> At Fri, 25 Nov 2016 19:50:48 -0500,
> tjw ietf <tjw.i...@gmail.com> wrote:
>
>> Please review the draft and offer relevant comments. Also, if someone feels
>> the document is *not* ready for publication, please speak out with your
>> reasons.
>>
>> *Also*, if you have any opinion on changing the document named from
>> 'refuse-any' to 'minimal-any', please speak out.
>
> I've read the 03 version of the document. I do *not* think this is
> ready for publication since I still believe we should not abuse HINFO
> for this purpose as I argued a year ago:
> https://www.ietf.org/mail-archive/web/dnsop/current/msg16118.html
> (But other than that I think the document is quite well written).
>
We have some implementation experience with this and the fact that we return a
Record that is parsed and displayed in human readable format has proven
valuable in
dealing with “interoperability” problems.
A number of “abusers” of ANY queries have seen this read the draft and said
- yep I should have a fallback
or - asking for exactly what I need is better way
So what other RFC1034/5 defined type are you willing to throw under the bus?
Paul Wouters accused us of doing in at the DNS-Oarc workshop in Montreal),
these exchanges from the Q/A part of the presentation are enlightening
https://youtu.be/Gt9VUPDoZk0?t=1h24m53s
> As for renaming the file, I don't have a strong opinion, but we expect
> a bigger issue like HINFO can lead to more revisions, it would be good
> to rename it at this opportunity in order to avoid confusion for
> future readers.
>
I’m hoping the version coming after this WGLC be advanced to the IESG/IETF LC
so renaming at this point serves limited purpose.
> Some specific comments on the text:
>
> - Section 3
>
> 1. A DNS responder can choose to select one or subset of RRSets at
> the QNAME.
>
> 'one or subset of RRSets' sounds a bit awkward to me, partly because
> 'a subset of RRSets' should include 'one of RRSets' and can thus be
> redundant, and partly because 'subset of RRSets" might sound related
> to 'subset of an RRSet' (it's actually "a subset of set of RRSets").
> So I'd suggest changing this one of the following:
> - "one or a few of RRSets (but not all of them)"
> - "one or a few of RRSets"
> - "a subset of RRSets"
> I personally prefer the first most although it may be too verbose.
>
I think the best way to address this to be consistent with Section 4 is to say
“one RRset” and be done with it
> - Section 4
>
> A DNS responder which receives an ANY query MAY decline to provide a
> conventional response, or MAY instead send a response with a single
> RRSet in the answer section.
>
> "a single RRSet" doesn't seem to be fully consistent of "one or
> subset of RRSets" stated in the preceding section (see the previous
> bullet).
>
see above
> - Section 4
>
> If the DNS query includes DO=1 and the QNAME corresponds to a zone
> that is known by the responder to be signed, a valid RRSIG for the
> RRSets in the answer (or authority if answer is empty) section MUST
> be returned.
>
> Does this also apply to a synthesized HINFO (if so, by dynamically
> signing it?)?
>
Yes
> - Section 6
>
> In the case where a zone that contains HINFO RRSets is served from an
> authority server that does not provide conventional ANY responses.
>
> This may be just because of my English literacy, but on my first
> read it was quite confusing to me; I first thought the second 'that'
> was a relative pronoun, which would make this text an incomplete
> sentence. If there was a comma after 'server' that would be more
> readable for me.
Joe and I will take a stab of making that clearer
>
> - Section 7: a minor typo, s/implimentations/implementations/
>
> not return all RRSIGS. In the wild there are implimentations that
>
Yep need to fix that
Thank you for your excellent review.
Olafur
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
