> On Dec 2, 2016, at 2:55 PM, 神明達哉 <jin...@wide.ad.jp> wrote:
> 
> At Fri, 25 Nov 2016 19:50:48 -0500,
> tjw ietf <tjw.i...@gmail.com> wrote:
> 
>> Please review the draft and offer relevant comments. Also, if someone feels
>> the document is *not* ready for publication, please speak out with your
>> reasons.
>> 
>> *Also*, if you have any opinion on changing the document named from
>> 'refuse-any' to 'minimal-any', please speak out.
> 
> I've read the 03 version of the document.  I do *not* think this is
> ready for publication since I still believe we should not abuse HINFO
> for this purpose as I argued a year ago:
> https://www.ietf.org/mail-archive/web/dnsop/current/msg16118.html
> (But other than that I think the document is quite well written).
> 

We have some implementation experience with this and the fact that we return a 
Record that is parsed and displayed in human readable format has proven 
valuable in 
dealing with “interoperability” problems. 
A number of “abusers” of ANY queries have seen this read the draft and said 
       - yep I should have a fallback
or    - asking for exactly what I need is better way 

So what other RFC1034/5 defined type are you willing to throw under the bus? 
Paul Wouters accused us of doing in at the DNS-Oarc workshop in Montreal), 
these exchanges from the Q/A part of the presentation are enlightening
https://youtu.be/Gt9VUPDoZk0?t=1h24m53s



> As for renaming the file, I don't have a strong opinion, but we expect
> a bigger issue like HINFO can lead to more revisions, it would be good
> to rename it at this opportunity in order to avoid confusion for
> future readers.
> 

I’m hoping the version coming after this WGLC be advanced to the IESG/IETF LC 
so renaming at this point serves limited purpose. 

> Some specific comments on the text:
> 
> - Section 3
> 
>   1.  A DNS responder can choose to select one or subset of RRSets at
>       the QNAME.
> 
>  'one or subset of RRSets' sounds a bit awkward to me, partly because
>  'a subset of RRSets' should include 'one of RRSets' and can thus be
>  redundant, and partly because 'subset of RRSets" might sound related
>  to 'subset of an RRSet' (it's actually "a subset of set of RRSets").
>  So I'd suggest changing this one of the following:
>  - "one or a few of RRSets (but not all of them)"
>  - "one or a few of RRSets"
>  - "a subset of RRSets"
>  I personally prefer the first most although it may be too verbose.
> 
I  think the best way to address this to be consistent with Section 4 is to say 
“one RRset” and be done with it 

> - Section 4
> 
>   A DNS responder which receives an ANY query MAY decline to provide a
>   conventional response, or MAY instead send a response with a single
>   RRSet in the answer section.
> 
>  "a single RRSet" doesn't seem to be fully consistent of "one or
>  subset of RRSets" stated in the preceding section (see the previous
>  bullet).
> 
see above 

> - Section 4
> 
>   If the DNS query includes DO=1 and the QNAME corresponds to a zone
>   that is known by the responder to be signed, a valid RRSIG for the
>   RRSets in the answer (or authority if answer is empty) section MUST
>   be returned.
> 
>  Does this also apply to a synthesized HINFO (if so, by dynamically
>  signing it?)?
> 
Yes 

> - Section 6
> 
>   In the case where a zone that contains HINFO RRSets is served from an
>   authority server that does not provide conventional ANY responses.
> 
>  This may be just because of my English literacy, but on my first
>  read it was quite confusing to me; I first thought the second 'that'
>  was a relative pronoun, which would make this text an incomplete
>  sentence.  If there was a comma after 'server' that would be more
>  readable for me.

Joe and I will take a stab of making that clearer 

> 
> - Section 7: a minor typo, s/implimentations/implementations/
> 
>   not return all RRSIGS.  In the wild there are implimentations that
> 
Yep need to fix that 
Thank you for your excellent review. 

Olafur


_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to