> On 29 Jul 2021, at 10:33 am, Mark Delany wrote:
>
> On 29Jul21, Geoff Huston allegedly wrote:
>
>> For me it appears to depend on the actions of the resolver as to whether
>> this would be faster
>> or not. If all resolvers blindly re-query using TCP for all UDP responses
>> where TC=1 is
> On 29 Jul 2021, at 10:12 am, Mark Andrews wrote:
>
>
>
>> On 29 Jul 2021, at 09:58, Geoff Huston wrote:
>>
>> Hi Paul,
>>
>>> On 29 Jul 2021, at 2:10 am, Paul Wouters wrote:
>>>
>>> On Wed, 28 Jul 2021, Geoff Huston wrote:
>>>
i.e. amend section 3 to read:...
3. Recomm
On 29Jul21, Geoff Huston allegedly wrote:
> For me it appears to depend on the actions of the resolver as to whether this
> would be faster
> or not. If all resolvers blindly re-query using TCP for all UDP responses
> where TC=1 is seen in
I'm not sure I follow this bit. Are you merely implying
> On 29 Jul 2021, at 09:58, Geoff Huston wrote:
>
> Hi Paul,
>
>> On 29 Jul 2021, at 2:10 am, Paul Wouters wrote:
>>
>> On Wed, 28 Jul 2021, Geoff Huston wrote:
>>
>>> i.e. amend section 3 to read:...
>>>
>>> 3. Recommendations
>>>
>>> This document clarifies RFC1034 in that in-bailiwick
Hi Paul,
> On 29 Jul 2021, at 2:10 am, Paul Wouters wrote:
>
> On Wed, 28 Jul 2021, Geoff Huston wrote:
>
>> i.e. amend section 3 to read:...
>>
>> 3. Recommendations
>>
>> This document clarifies RFC1034 in that in-bailiwick [RFC8499] glue (being
>> part of all
>> available glue records) MU
We are clearly talking past each other here. Let's see what the rest of
the WG thinks.
I think we need to think harder about "what is required for the DNS
protocol to work" vs "what do I think might be a nice idea."
R's,
John
On Wed, 28 Jul 2021, Shumon Huque wrote:
On Wed, Jul 28, 2021 a
On Wed, Jul 28, 2021 at 12:20 PM John R Levine wrote:
> On Wed, 28 Jul 2021, Shumon Huque wrote:
> > Sibling glue was already covered in RFC 1034 (even though there was no
> term
> > for it). ...
>
> Sure, but we've been cleaning up the ambiguities and errors in 1034 for 30
> years. A straightfo
On Jul 28, 2021, at 14:00, Paul Wouters wrote:
> If the zone example contains amongst other content:
>
> foo.example. IN NS ns0.foo.example.
> foo.example. IN NS ns0.bar.example.
> ns0.foo.example. IN A 1.2.3.4
> ns0.bar.example. IN A 1.2.3.5
>
> Then for the DNS server returning an NS query fo
Moin!
On 28 Jul 2021, at 16:13, Paul Wouters wrote:
> On Jul 28, 2021, at 08:22, Joe Abley wrote:
>>
>> I tend to agree with this.
>>
>> There are a lot of ways a delegation can be non-functional (for example the
>> circle of dependencies can be as big as you like, can incorporate third
>> co
Moin!
On 28 Jul 2021, at 18:03, Paul Wouters wrote:
> On Wed, 28 Jul 2021, Ralf Weber wrote:
>>> First, as Mark said, sibling glue is sometimes needed.
>> It is only needed for broken circular dependancies, which we don’t care
>> about.
>
> They are not broken until you decide "we don't care ab
On Wed, 28 Jul 2021, Joe Abley wrote:
Do you want dns servers to spend extra CPU power to lookup whether this is a
“non-functional” glue case instead of spending less CPU just looking if it has
a glue record and adding it?
I'm not sure I understand your argument about what is more work for t
Hi Paul,
On Jul 28, 2021, at 10:13, Paul Wouters wrote:
> Do you want dns servers to spend extra CPU power to lookup whether this is a
> “non-functional” glue case instead of spending less CPU just looking if it
> has a glue record and adding it?
I'm not sure I understand your argument about
On Wed, 28 Jul 2021, Shumon Huque wrote:
Sibling glue was already covered in RFC 1034 (even though there was no term
for it). ...
Sure, but we've been cleaning up the ambiguities and errors in 1034 for 30
years. A straightforward reading of that paragraph also gives you the
Kaminsky attack.
On Wed, 28 Jul 2021, Geoff Huston wrote:
i.e. amend section 3 to read:...
3. Recommendations
This document clarifies RFC1034 in that in-bailiwick [RFC8499] glue (being part
of all
available glue records) MUST be returned in referral responses, and there is a
requirement
to set TC=1 if all in
On Wed, 28 Jul 2021, Ralf Weber wrote:
First, as Mark said, sibling glue is sometimes needed.
It is only needed for broken circular dependancies, which we don’t care
about.
They are not broken until you decide "we don't care about" :)
Second, the server will most likely not know whether o
Dear WG Chairs,
In light of the new agenda, I’d like to reserve time for a 15 minute
presentation.
Warmly,
Roy
> On 28 Jul 2021, at 16:04, Benno Overeinder wrote:
>
> Dear WG,
>
> We have updated the agenda for DNSOP WG session II on Thursday 29 July. The
> updated agenda is uploaded to d
On Wed, Jul 28, 2021 at 8:18 AM Hollenbeck, Scott
wrote:
>
>
> *[SAH] *Something to consider:
> https://www.ietf.org/about/groups/iesg/statements/on-inclusive-language/
>
>
>
> “The “black lies” term may get called into question.
>
Hi Scott,
I'm aware that this would come up. I'm currently usin
Dear WG,
We have updated the agenda for DNSOP WG session II on Thursday 29 July.
The updated agenda is uploaded to datatracker:
https://datatracker.ietf.org/meeting/111/materials/agenda-111-dnsop-06
See you all on Thursday!
Suzanne
Tim
Benno
___
On Jul 28, 2021, at 08:22, Joe Abley wrote:
>
> I tend to agree with this.
>
> There are a lot of ways a delegation can be non-functional (for example the
> circle of dependencies can be as big as you like, can incorporate third
> cousin twice removed glue, etc) and it makes more sense to me
On Jul 28, 2021, at 07:51, Ralf Weber wrote:
> On 28 Jul 2021, at 5:10, Paul Wouters wrote:
>
>> First, as Mark said, sibling glue is sometimes needed.
> It is only needed for broken circular dependancies, which we don’t care about.
I tend to agree with this.
There are a lot of ways a delega
From: DNSOP On Behalf Of Shumon Huque
Sent: Tuesday, July 27, 2021 7:35 PM
To: dnsop@ietf.org WG
Subject: [EXTERNAL] [DNSOP] Empty Non-Terminal sentinel for Black Lies
Caution: This email originated from outside the organization. Do not click
links or open attachments unless you recognize the
Moin!
On 28 Jul 2021, at 5:10, Paul Wouters wrote:
On Wed, 28 Jul 2021, Ralf Weber wrote:
However requiring authorities to put unnecessary data in the
additional section
(the sibbling glue) is not something I support.
First, as Mark said, sibling glue is sometimes needed.
It is only needed
On Wed, Jul 28, 2021 at 7:42 AM Ralf Weber wrote:
> Moin!
>
> On 28 Jul 2021, at 1:34, Shumon Huque wrote:
>
> >The Black Lies method of providing compact DNSSEC denial of existence
> >proofs has some operational implications. Depending on the specific
> >implementation, it may provi
Moin!
On 28 Jul 2021, at 1:34, Shumon Huque wrote:
>The Black Lies method of providing compact DNSSEC denial of existence
>proofs has some operational implications. Depending on the specific
>implementation, it may provide no way to reliably distinguish Empty
>Non-Terminal names
On Tue, Jul 27, 2021 at 8:46 PM Brian Dickson
wrote:
> On Tue, Jul 27, 2021 at 4:35 PM Shumon Huque wrote:
>
>> Folks,
>>
>> While we have the attention of DNSOP folks this week, I'd like to ask for
>> review of this draft (I meant to send it earlier in time for f2f discussion
>> on Tuesday, but
On Wed, Jul 28, 2021 at 2:26 AM Geoff Huston wrote:
> The language of sections 2 and 3 are clear and purposeful. For DNS
> resolution to work
> the glue records for “in-balliwick” name servers of a zone MUST be
> provided as glue records
> in a DNS response. clear.
>
> Section 4 in Sibling Glue t
26 matches
Mail list logo
