I think the worry is that some name servers may normalise the text format when loading from disk. The slave would then have a different wire format.
Such servers are broken. Wire to text to wire should produce the same rdata bit pattern with the exception of the types which are known to be compressible. -- Mark Andrews > On 21 May 2019, at 08:26, Wessels, Duane > <dwessels=40verisign....@dmarc.ietf.org> wrote: > > >> On May 17, 2019, at 12:14 PM, Olli Vanhoja <o...@zeit.co> wrote: >> >> I believe this has been in a bit stall for some time. I'm finally >> trying push for some real production implementations. >> >> I have one note that I wrote when I was initially reading the draft: >> >> - Canonical RR Form comes from RFC 4034 s. 6.2 and it doesn't require >> require normalization of SPF and CAA records. RFC 6844 specifically >> allows any string formatting allowed by >> https://tools.ietf.org/html/rfc1035#section-5.1 >> >> Not sure if there is any real issue with this one but in theory I >> guess there could be functionally equivalent records with a digest >> mismatch. Maybe it's even desirable that those are not normalized, >> just a note. > > Hi Olli, > > Can you expand on this? I'm not sure that I follow. > > ZONEMD doesn't operate on presentation format of RRs. It only operates on > canonical wire format. Are you saying that some RRs can have different valid > wire formats? That would surprise me since DNSSEC signatures are also based > on that format. > > DW > > _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
