Hello,
and sorry for being so late.
While reading the draft and related discussion I realized that the draft
has two important problems which were not obvious at first:
1. The casse QTYPE=RRSIG should be made more prominent so it is
understood and not misused as ANY. There are implementations like Knot
Resolver which are work around missing RRSIG records in replies using
QTYPE=RRSIG.
Personally I would rename the document from
Providing Minimal-Sized Responses to DNS Queries that have QTYPE=ANY
to
Providing Minimal-Sized Responses to DNS Queries
that have QTYPE=ANY or QRTYPE=RRSIG
... and extend Abstract as well:
The Domain Name System (DNS) specifies a query type (QTYPE)
"ANY" or "RRSIG". The operator of an authoritative DNS server might
choose not torespond to such queries for reasons of local policy,
motivated by security, performance or other reasons.
2. Section Updates to RFC 1035 should use normative language, especially
regarding RRSIG. Proposal follows:
RRSIG queries have the same potential as ANY queries of generating
large answers as well as extra work. In the wild there are
implementations that return REFUSE, others return single RRSIG, etc.
It is RECOMMENDED returning a single RRSIG in this case.
3. Text about necessity of fallback in applications trying to use ANY
query is burried under non-descriptive section name "Motivation". Given
the confusion is caused among application developers, I would like to
see it mentioned and explained again in section "Behaviour of DNS
Initiators".
I believe that it would greatly improve readability of the draft.
Petr Špaček @ CZ.NIC
On 16.3.2017 08:11, tjw ietf wrote:
>
> All
>
> During the first WGLC of draft-ietf-dnsop-refuse-any, several issues
> were raised by the working group that needed to be addressed. The
> Authors addressed the issues, but the changes are enough that there
> should be a second Working Group Last Call on the changes.
>
> This begins a Second WGLC for draft-ietf-dnsop-refuse-any. The Document
> is located
> here: https://datatracker.ietf.org/doc/draft-ietf-dnsop-refuse-any/
>
> However, the changes that were made since the last WGLC can be found here:
>
> https://www.ietf.org/rfcdiff?url1=draft-ietf-dnsop-refuse-any-03&url2=draft-ietf-dnsop-refuse-any-04
>
> Please take a few moments to refer the changes and let the working group
> know if the document is ready to move forward. We're mostly looking
> for remaining issues that have not been addressed.
>
> This WGLC ends on Thursday 30 March
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
