Op 06-03-2024 om 22:06 schreef Wessels, Duane:
Well, RFC 2181 had a uniquely broad definition of glue (see also the terminology draft: https://www.ietf.org/archive/id/draft-ietf-dnsop-rfc8499bis-10.html#section-7-2.29), so I came up with "other than occluded data" to be more generic, but I suppose that wouldn't include the delegation NS records themselves, so that won't work either. I'll try to come up with something better...Hi, some initial thoughts:RFC 2181 says "Data from a zone transfer, other than glue” but this draft doesn’t make any exceptions for glue or non-authoritative data from a zone transfer. Is that intentional?
Should RFC 8767 stale data be ranked differently than fresh data? Should EDNS Client Subnet play into ranking?
I like your thinking! Yes, fresh data should replace stale data in resolver caches, and yes a more specific ECS prefix answer is preferable over a less specific ECS prefix. The draft is intended to start re-evaluation and re-thinking of that ranking. The authors are planning to discuss this extensively at the hackathon preceding IETF 119. This is already very good input! So, Thanks!
-- Willem
DWOn Mar 4, 2024, at 6:37 PM, Benno Overeinder <be...@nlnetlabs.nl> wrote:Caution: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.-------- Forwarded Message -------- Subject: I-D Action: draft-toorop-dnsop-ranking-dns-data-00.txt Date: Mon, 04 Mar 2024 13:12:26 -0800 From: internet-dra...@ietf.org To: i-d-annou...@ietf.orgInternet-Draft draft-toorop-dnsop-ranking-dns-data-00.txt is now available.Title: Ranking Domain Name System data Authors: Paul Hoffman Shumon Huque Willem Toorop Name: draft-toorop-dnsop-ranking-dns-data-00.txt Pages: 4 Dates: 2024-03-04 Abstract: This document extends the list ranking the trustworthiness of domain name system (DNS) data (see Section 5.4.1 of [RFC2181]). The list is extended with entries for root server names and addresses built-in resolvers, and provided via a root hints file with the lowest trustworthiness, as wel as an entry for data which is verifiable DNSSEC secure with the highest trustworthiness. This document furthermore assigns ranked values to the positions of the list for easier reference and comparison of trustworthiness of DNS data. The IETF datatracker status page for this Internet-Draft is: https://secure-web.cisco.com/1-KFlj_oYrZOH-5BhyKqBeDYA57SqQxpkiil5nsPhQR9QBqNk5C1dftYIqaAaBo55ch7u5zlzSyavgTQh3U4JVQSRVGLu4rDLk6FjqWp5kurgOW2oqCka2YyZ9SzqiOfjQbUP2XEQi9izTnWo90VgorxeKRntDUgxyVOYihvFygAM6nuXgV8jBlXpMb2pxDPAfbX70Wv0uqDcZiq1A979EWVqSt9MCvNxQr2kerBKq7OAzltfygzvl6X_KUg8Hoq1R3TOzWDL9uJCJdiWawGKtp80A9QP2MuAXF70_-cRUAI/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-toorop-dnsop-ranking-dns-data%2F There is also an HTMLized version available at: https://secure-web.cisco.com/1MS_L_uLvJbHCh42n3cgkh_vZRkcg-dAAs_ThN8dzzEXCzyNrE60Pow2LR2HWuKjY1rtp9zIXQPO9QWmDyKZ3drYTqpRRPAhOG408US3yeZ_ybTUwx5ZmGVFIDhhZCDyIuP4Rg_kj_e4KE4mxsKgzgEfIQdwq7bK01e2Edkb4wSY0JIrc-Hzwsw6uz-xNn84Qrb8f3ltQ4Ei9RGjHCnWzJ4NFCNmChSwQ7D9QkgFVPeZKGEVSEIwpohbW91IyDYpcHAs4A1RD-dezuELyugLuLafMYiooQeTs6JwhnK9UPXc/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-toorop-dnsop-ranking-dns-data-00 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://secure-web.cisco.com/1tsEMQC3Zecz5o61auTq0E97pflQrX3OHLUXtw4gyrJms3GEbkEmq1XikMPMvYLfFtsbpF0ywAkAOP674RMmrkeAJCnXXx9NyLN0KU9uKmvS3lhZ4ste6C9PM-fjBLzZQeg8oaUexDd7FDoDEkx6l4vrXi5QadmS-ZydnLgKxJsLB2arRZlHXiMm_UXCLHZWYGwTlCYoxupX1buUc3jOw3QN7hp6TmPsUEaNJUIJoiustJUfO4pppH1yzrjf_B9-bnwZJBnApnH_AL9Dep-ELQxFrkCKXZONXLa_VZgKV50M/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fdnsop_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
OpenPGP_0xE5F8F8212F77A498_and_old_rev.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
