On Tue, Jun 18, 2024 at 2:01 PM Wessels, Duane <dwessels=
40verisign....@dmarc.ietf.org> wrote:

>
>
> > On Jun 18, 2024, at 10:49 AM, Paul Hoffman <paul.hoff...@icann.org>
> wrote:
> >
> > Responding to one bit of Duane's response.
> >
> > On Jun 18, 2024, at 10:40, Wessels, Duane <dwessels=
> 40verisign....@dmarc.ietf.org> wrote:
> >
> >>> What should an authoritative nameserver return as zone version if it is
> >>> configured as authoritative nameserver but can't get the zone version
> (eg
> >>> because "no permission to read file")  One way would be to allow it to
> return
> >>> a zero length for ANY type and define that as an error condition.
> >>
> >> I think the authors will need to discuss how to handle error conditions
> like this
> >> and get back to you.
> >
> > PaulW's DISCUSS on this topic doesn't make sense. If a server is
> authoritative for a zone, it has know the version of the zone: the zone is
> incomplete without its version. If the server doesn't know the version, it
> should not be answering any queries for that zone at all.
>

I gave a bad example. Image a database backend, but the backend is
temporarily down. It will return ServFail but what would you put into the
zone version?


>
> Yes, perhaps.  The one example I could think of is if the server was
> configured to be authoritative for a zone, but is unable to load the zone
> data either via network or disk.
>
> A server could just omit any zone version in this (rare?) case.  The only
> reason to do something other than that would be for the server to indicate
> it supports zone versioning but not at that moment for that zone.
>

I guess either omit or a zero length zone version would work for me.

Paul
_______________________________________________
DNSOP mailing list -- dnsop@ietf.org
To unsubscribe send an email to dnsop-le...@ietf.org

Reply via email to