On 07. 09. 22 3:28, internet-dra...@ietf.org wrote:
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations WG of the IETF.
Title : Delegation Revalidation by DNS Resolvers
Authors : Shumon Huque
Paul Vixie
Ralph Dolmans
Filename : draft-ietf-dnsop-ns-revalidation-03.txt
Pages : 7
Date : 2022-09-06
Abstract:
This document recommends improved DNS [RFC1034] [RFC1035] resolver
behavior with respect to the processing of Name Server (NS) resource
record sets (RRset) during iterative resolution. When following a
referral response from an authoritative server to a child zone, DNS
resolvers should explicitly query the authoritative NS RRset at the
apex of the child zone and cache this in preference to the NS RRset
on the parent side of the zone cut. Resolvers should also
periodically revalidate the child delegation by re-quering the parent
zone at the expiration of the TTL of the parent side NS RRset.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-ns-revalidation/
I wonder about this Datatracker line:
Intended RFC status (None)
What do authors plan, or WG leans to?
Speaking with my BIND hat on, I would prefer Informational.
Protocol in this draft is pretty complex, and so far the sky did not
fall despite resolvers not implementing it.
Based on this observation I think it should not be mandatory, and also
that parent-centric DNS resolver implementations should not be
"outlawed" by this (to-be) RFC.
--
Petr Špaček
Internet Systems Consortium
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
