On 5 Feb 2025, at 15:39, Wessels, Duane
<dwessels=40verisign....@dmarc.ietf.org> wrote:
> I think .internal definitely should be a special use domain name, just like
> .invalid, .test, and others. The text for RFC 6761 consideration 4 should be
> similar to those others, e.g.:
> 4. Caching DNS servers SHOULD, by default, recognize .internal
> names as special and SHOULD NOT, by default, attempt to look
> up NS records for them, or otherwise query authoritative DNS
> servers in an attempt to resolve .internal names. Instead,
> caching DNS servers SHOULD, by default, generate immediate
> negative responses for all such queries. This is to avoid
> unnecessary load on the root name servers and other name
> servers.
> I’d really like to see MUST instead of SHOULD but I suspect most will think
> thats a step too far.
Personally I don't think that special actions in resolvers for INVALID and TEST
are a good idea either; I would prefer consistent behaviour and no special
cases, especially as I suspect that resolver operators that pay attention to
this kind of thing and keep their software up-to-date probably already do
aggressive NSEC caching and hence the risk to the root server system is lower
than the risks related to increased complexity and camel exhaustion. But both
risks seem small.
If the consensus is that following the examples of INVALID and TEST is sensible
then this would be a more convincing 6761-path to "special".
I suppose I prefer SHOULD to MUST, but really I prefer "not special" to
"special".
Joe
_______________________________________________
DNSOP mailing list -- dnsop@ietf.org
To unsubscribe send an email to dnsop-le...@ietf.org
