The current draft is hand-wavy when it comes to which transports DSO can
run on.
Section 2 says "such as":
   The term "connection" means a bidirectional byte stream of reliable,
   in-order messages, such as provided by using DNS over TCP
   [RFC1035][RFC7766] or DNS over TLS [RFC7858].
Section 4.1 says "are suitable":
   Standard DNS over TCP [RFC1035][RFC7766], and DNS over TLS [RFC7858]
   are suitable protocols.
The document should explicitly list which protocols are currently
acceptable, and say that the list can change in the future based on
standards-track documents. Proposed wording for both of these above is:
Section 2:
   The term "connection" means a bidirectional byte stream of reliable,
   in-order messages.
Section 4.1 says "are suitable":
   DSO MUST be run as standard DNS over TCP [RFC1035][RFC7766]
   or DNS over TLS [RFC7858]. This list might expand in the future,
   such an expansion MUST be in standards-track RFCs.
Having developers know exactly which protocols can be used is important
so that they do not use protocols that they accidentally think are
reliable and in-order. For example, the DOH WG is working on a protocol
that might initially seem attractive, but it does *not* qualify for DSO.
--Paul Hoffman
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop