Hi Alexander,
My response is also inline:
Alexander Robohm wrote on 2024-07-21 21:44:
Hi Ben,
- The DNS UPDATE RFC redefines the question section as the zone
section. This means that the DNS server already doesn't extract the
target zone from the record name, but from the zone section. A
relative record should therefore be added to the zone mentioned in the
zone section.
- The label indicator can only appear at the end, so
"selector._domainkey[relative-label-here]". The zone name has to be
known from context, but that is the case for DNS UPDATE (zone section)
and also for binary zone file (file name and file header).
This should be made explicit. Maybe the whole draft could be something
like "Relative Names for DNS UPDATE", and precisely define a mechanism
for this particular purpose, including the new label type.
Section 4 already describes that the label can only appear at the end of
the FQDN, but I think it is good to add some examples to make it more
clear. I don't agree on naming the whole draft to something like
"Relative Names for DNS UPDATE", because the label can be used much
more broadly than only DNS UPDATE.
- It is not about if a program can or cannot make a FQDN of something
relative. It is about the control of the user using that program to be
able to choose if a record is added with relative/absolute domain
names.
Overall, IMHO, this is a UI issue in the panel you are using to manage
your zones, and not something that needs to be implemented in the DNS
itself. You can already have relative names in presentation format by
not including the trailing '.', and you can store zones in any format
you want. On the wire, this just does the job of a pointer in 1 less
octet.
Yes, but this is exactly the problem. In representation format it is
possible, but not in wire format. Using this relative label (0x40) is
actually the same as removing that dot. Note that it is different
compared to compression, because compression has another goal.
Let me add an example already:
- `www.example.com.` <--> `\x03www\x07example\x03com\x00`
- `www` <--> `\x03www\x40`
Like the missing end dot in the representation format, in the wire
format the \x40 byte indicates the domain name being relative. And like
the representation format, you can only know the FQDN if you know in
which zone this record is. A relative domain name, without a zone name
to make it absolute, is useless. However, DNS UPDATE and BIND's raw
binary zone files (as well as the text format) always provide this zone
name, so there is no problem using relative domain names in those two
cases.
Alexander
Ben
_______________________________________________
DNSOP mailing list -- dnsop@ietf.org
To unsubscribe send an email to dnsop-le...@ietf.org
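
The two encodings from the message above, run through a small decoder (an added example, not part of the original mail or of the draft). It treats `\x40` as the relative terminator proposed in the thread and takes the zone origin from context; `decode_name` and its parameters are names assumed here.

```python
MAX_LABEL = 63     # RFC 1035: longest ordinary label
MAX_NAME = 255     # RFC 1035: longest encoded name
ROOT = 0x00        # standard terminator: the name is absolute
RELATIVE = 0x40    # terminator proposed in the thread: the name is relative


def decode_name(wire, origin=None):
    """Decode one uncompressed name from wire format.

    origin is the zone known from context (e.g. the zone section of a
    DNS UPDATE), as an absolute presentation-format name.
    Returns (fqdn, is_relative, octets_consumed).
    """
    labels, pos = [], 0
    while True:
        if pos >= len(wire):
            raise ValueError("truncated name: no terminator octet")
        length = wire[pos]
        pos += 1
        if length in (ROOT, RELATIVE):
            break
        if length > MAX_LABEL:
            # Compression pointers and other label types are not handled here.
            raise ValueError(f"unsupported label type 0x{length:02x}")
        label = wire[pos:pos + length]
        if len(label) < length:
            raise ValueError("truncated label")
        labels.append(label.decode("ascii"))
        pos += length
    relative = length == RELATIVE
    tail = []
    if relative:
        # A relative name is only meaningful with a zone to anchor it.
        if origin is None or not origin.endswith("."):
            raise ValueError("relative name needs an absolute zone origin")
        tail = [part for part in origin.split(".") if part]
    fqdn = ".".join(labels + tail) + "."
    if len(fqdn) + 1 > MAX_NAME:   # encoded size of the expanded name
        raise ValueError("expanded name exceeds 255 octets")
    return fqdn, relative, pos
```

The length check runs on the expanded name, since a relative name that fits on its own can still exceed 255 octets once the zone is appended.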