On 18 Jan 2024, at 13:42, Petr Špaček <pspa...@isc.org> wrote: > The only piece missing to make it *perfect* is "MUST use QDCOUNT=1", or in > other words, banning QDCOUNT=0 usage with DNS COOKIES. It's unnecessary > complexity.
I think these are two different suggestions: (1) Update the cookies spec to require QDCOUNT = 1 too (2) Apply a definitive restriction on QDCOUNT for all future opcodes, imagined or otherwise. I would prefer (1) to happen in a different document if is to be done, since there are cookies-specific conservations to be discussed and I don't think it would make the current document clearer to go through them all here. There are also different operational considerations based on what currently does or doesn't happen in the wild. I'm not sure what I think about (2), at least partly because I'm always wary about predicting the future. Joe _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
