> -----Original Message-----
> From: jouni.nospam [mailto:[email protected]]
> Sent: Thursday, November 17, 2016 3:33 PM
> To: [email protected]
> Cc: [email protected]
> Subject: gen-art review of draft-ietf-dprive-dnsodtls-12
>
> I am the assigned Gen-ART reviewer for this draft. The General Area Review
> Team (Gen-ART) reviews all IETF documents being processed by the IESG for
> the IETF Chair. Please treat these comments just like any other last call
> comments.
>
> For more information, please see the FAQ at
> <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
>
> Document: draft-ietf-dprive-dnsodtls-12
> Reviewer: Jouni Korhonen
> Review Date: 2016-11-17
> IETF LC End Date: 2016-11-16
> IESG Telechat date: 2016-12-15
>
> Summary:
>
> The document is ready for publication.
>
> Comments/questions:
>
> o Section 3.1. has a "first-come, first-served" port range. What port range is this
>   actually? Does it refer to the ephemeral port range (RFC 6335)?

User Ports, range 1024-49151; assigned based on a first-come, first-served policy.

> o Section 6 describes a case where an anycasted DTLS packet reaches a DNS server
>   that does not have an existing security association with the client. A DTLS
>   session resumption should be initiated as a result. Is it possible that the next
>   DTLS message again reaches another DNS server without a security association,
>   which would cause a new fatal alert to be returned, etc.? If this is the case
>   there should be some text pointing at this case. If I am just confused the
>   current text is fine.

It's the same problem as DNS-over-TCP (see https://tools.ietf.org/html/rfc7766#appendix-A): routing changes can disrupt TCP, DNS-over-TLS and DNS-over-DTLS sessions. Please suggest additional text you would like us to add.

-Tiru

_______________________________________________
Gen-art mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/gen-art
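A constructed model of the anycast failure mode discussed in the Section 6 exchange above, added here as an illustration and not the draft's or the authors' code: each anycast instance keeps its own association store, a datagram that lands on an instance without the client's association draws a fatal alert, and the client's next datagram carries a resumption attempt that anycast may deliver to yet another instance. The instance names, routes, the `max_alerts` bound and the shared-store option are assumptions of this model, not something the draft specifies.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Set

@dataclass
class AnycastInstance:
    """One anycast DNS-over-DTLS instance with its own association store (model only)."""
    name: str
    sessions: Set[str] = field(default_factory=set)  # session IDs it holds an association for

    def on_data(self, sid: str) -> str:
        # Application data under an unknown association draws a fatal alert.
        return "response" if sid in self.sessions else "fatal_alert"

    def on_client_hello(self, sid: str) -> str:
        if sid in self.sessions:
            return "resumed"            # abbreviated (resumption) handshake
        self.sessions.add(sid)          # otherwise a full handshake establishes it here
        return "full_handshake"

def make_instances(sid: str, shared_store: bool = False) -> Dict[str, AnycastInstance]:
    """Constructed topology: A holds the client's association; B and C do not
    (unless shared_store makes B and C use one common store)."""
    store: Set[str] = set()
    b = AnycastInstance("B", store if shared_store else set())
    c = AnycastInstance("C", store if shared_store else set())
    return {"A": AnycastInstance("A", {sid}), "B": b, "C": c}

def run_query(sid: str, instances: Dict[str, AnycastInstance], route: List[str],
              max_alerts: int = 3) -> List[str]:
    """Drive one query; datagram k is delivered to instances[route[k]] (the route list
    stands in for anycast routing). Returns the event log, ending in 'response' or 'gave_up'."""
    log: List[str] = []
    k = alerts = 0
    while k < len(route):
        inst = instances[route[k]]; k += 1
        res = inst.on_data(sid)
        log.append(f"{inst.name}:{res}")
        if res == "response":
            return log
        alerts += 1
        if alerts > max_alerts or k >= len(route):
            break           # bound the alert/resume loop the reviewer asks about
        # After the alert the next datagram carries a ClientHello trying to resume,
        # and anycast may deliver it to yet another instance.
        inst = instances[route[k]]; k += 1
        log.append(f"{inst.name}:{inst.on_client_hello(sid)}")
    log.append("gave_up")
    return log
```

With routing flapping between B and C the log never converges until the bound trips, which is the repeated-alert case the review raises; giving B and C one shared store ends the loop after a single re-handshake.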
