It appears that Suzanne Woolf <swo...@pir.org> said: >If you feel the document is *not* ready for publication, please speak out with >your reasons.
The bits on the wire are fine, but I am unhappy with the implication that reasonable people should be happy with fake NODATA but if you're a pedant who demands NXDOMAIN, well OK, if you insist. Real things like query minimization depend on NXDOMAIN. If I query for a.b.c.d.example and d.example does not exist, fake NODATA will make the client leak the entire name with multiple wasted queries. Hence, in the penultimate paragraph in section 2, the sentence that starts "No special handling" should say that resolvers MUST implement the response code restoration in 4.1 unless the client sends the EDNS0 Compact Answers OK option. In the first paragraph of 4.1, rather than "optional but recommended", it's REQUIRED. If a client does not set the Compact Answer OK flag, the server MUST NOT send NXNAME, presumably sending white lies instead. Editorially, I would move the stuff about approaches not taken to an appendix to avoid confusing people. That includes the second and last paragraphs of section 2. In the last paragraph in section 5, I would put the second sentence first, saying that no scheme that uses minimally covering NSEC allows NXDOMAIN synthesis, to make it clear that this isn't a new problem, since white lies has it too. R's, John _______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
