I don’t think you intended this - but for DNSSEC validation, the set has to be 
sorted so don’t MUST NOT that … but I get that this is just a matter of wording 
in a suggestion.  Perhaps, “shuffle on send/reply” is what is desired, what a 
protocol element does internally is up to its maker.

The root cause of this is programmers, in many situations, expect one value to 
be returned and not a list or set.  Dealing with what a “set” is is also a 
weakness in coding.  I keep thinking back to my first experiences with 
gethostbyname and only ever looking at the first returned value until I 
realized there was an array.  (I never thought much about the “[0]” thing in 
all the examples back then.)

> On Nov 7, 2024, at 10:37, Ben Schwartz <bemasc=40meta....@dmarc.ietf.org> 
> wrote:
> 
> I would support a draft that says "every authoritative, recursive, forwarder, 
> stub, and application SHOULD shuffle the RRset, and MUST NOT sort it".  Yes, 
> it would suffice that any one of them complies with this recommendation, but 
> the more components comply, the lower the risk of a biased overall system.
> 
> --Ben Schwartz
> From: Joe Abley <jab...@strandkip.nl>
> Sent: Tuesday, November 5, 2024 9:13 AM
> To: Shane Kerr <sh...@time-travellers.org>
> Cc: dnsop@ietf.org <dnsop@ietf.org>
> Subject: [DNSOP] Re: New draft: DNS Servers MUST Shuffle Answers
>  
> 
> 
> On 5 Nov 2024, at 14:48, Joe Abley <jab...@strandkip.nl> wrote:
> 
> > The idea of making a protocol change in the DNS to work around behaviour 
> > that might be fixable in one point release of Android and iOS
> 
> ... seems less than ideal, I meant to say. Sorry, clicked send a bit early. 
> Perhaps both those things were obvious :-)
> 
> 
> Joe
> _______________________________________________
> DNSOP mailing list -- dnsop@ietf.org
> To unsubscribe send an email to dnsop-le...@ietf.org
_______________________________________________
DNSOP mailing list -- dnsop@ietf.org
To unsubscribe send an email to dnsop-le...@ietf.org
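
The split the reply above draws between order on the wire and order for DNSSEC validation, as an added example that is not part of the original thread: a sender shuffles a copy of the RRset, while the validator rebuilds canonical order (RFC 4034 section 6.3) from whatever order arrives. Assumptions: the function names are hypothetical, the addresses are constructed from documentation ranges, and a SHA-256 digest over the RRset portion of the signed data stands in for actual RRSIG verification.

```python
import hashlib
import ipaddress
import random
import struct

def wire_name(name):
    """Owner name in canonical wire form: lowercase, length-prefixed labels."""
    labels = name.rstrip(".").lower().split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def canonical_rrset(owner, ttl, addresses):
    """Concatenate A records in canonical order (RFC 4034 section 6.3)."""
    # Canonical order compares RDATA as left-justified unsigned octet strings;
    # Python's bytes comparison has the same semantics (a prefix sorts first).
    rdatas = sorted(ipaddress.IPv4Address(a).packed for a in addresses)
    header = wire_name(owner) + struct.pack("!HHI", 1, 1, ttl)  # TYPE A, CLASS IN
    return b"".join(header + struct.pack("!H", len(r)) + r for r in rdatas)

def validation_digest(owner, ttl, addresses):
    """Stand-in for signature verification: digest of the canonical RRset."""
    return hashlib.sha256(canonical_rrset(owner, ttl, addresses)).hexdigest()

def shuffle_for_send(addresses, rng):
    """Return a shuffled copy for the reply; the stored RRset is untouched."""
    out = list(addresses)
    rng.shuffle(out)
    return out

# Constructed sample RRset (documentation address ranges only).
STORED = ["192.0.2.10", "192.0.2.9", "198.51.100.7", "203.0.113.1"]

if __name__ == "__main__":
    reference = validation_digest("example.com.", 300, STORED)
    for seed in range(3):
        sent = shuffle_for_send(STORED, random.Random(seed))
        same = validation_digest("example.com.", 300, sent) == reference
        print(sent, "validates identically:", same)
```

Sorting the presentation strings instead of the RDATA octets would place 192.0.2.10 before 192.0.2.9, which is not canonical order.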