[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-17 Thread Shumon Huque
I've pushed out -05 to address WGLC and other recent comments: Side by side diff from -04: https://author-tools.ietf.org/iddiff?url1=draft-ietf-dnsop-compact-denial-of-existence-04&url2=draft-ietf-dnsop-compact-denial-of-existence-05&difftype=--html Shumon. On Wed, Oct 2, 2024 at 7:03 PM Suzann

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-07 Thread Shumon Huque
On Fri, Oct 4, 2024 at 10:21 AM Vladimír Čunát wrote: > On 04/10/2024 05.20, John Levine wrote: > > Editorially, I would move the stuff about approaches not taken to an appendix > to > avoid confusing people. That includes the second and last paragraphs of > section 2. > > Yes, please. > Yes,

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-07 Thread Shumon Huque
On Thu, Oct 3, 2024 at 8:00 PM Dave Lawrence wrote: > I have read the most recent version of the document and am strongly in > favor of its publication as a proposed standard. I want my NXDOMAINs > back. > Thanks! You're not the only one :) > I have little substantive feedback on the text, mo

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-05 Thread John R Levine
On Sat, 5 Oct 2024, Philip Homburg wrote: Other way around, if the client doesn't understand NXNAME, the recursive needs to get the real signed NXDOMAIN to pass along. If a recursive resolver passes NXDOMAIN to a requesting validator, then the result has to prove NXDOMAIN, so there has to be ei

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-05 Thread Philip Homburg
In your letter dated 5 Oct 2024 14:03:42 -0400 you wrote: >> So I guess that any query that arrives at a recursive resolver with DO and >> optionally CD set could be from an unmodified DNSSEC validator. So the >> recursor has to obtain the NODATA result for a.b.c.d.example. > >Other way around, if

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-05 Thread John R Levine
On Sat, 5 Oct 2024, Philip Homburg wrote: If a stub resolver asks for a.b.c.d.example and d.example does not exist then example is the target zone. It is also a TLD, but if d.example does not exist then any query for a.b.c.d.example is directed at the zone example. Right. The question then b

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-05 Thread Philip Homburg
In your letter dated 4 Oct 2024 13:31:36 -0400 you wrote: >>There is no reason to assume that clients are constructing names that they >>don't want the target zone to know. > >But they presumably don't want the TLD to know them. Query minimization would >only show e.example to the example TLD,

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-04 Thread John Levine
It appears that Philip Homburg said: >> things like query minimization depend on NXDOMAIN. If I query for >> a.b.c.d.example and d.example does not exist, fake NODATA will make >> the client leak the entire name with multiple wasted queries. > >It seems to me that the main purpose of query minimizati

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-04 Thread Vladimír Čunát
On 04/10/2024 19.03, John R Levine wrote: I suppose we could cheat slightly and say it's OK to restore NXDOMAIN to clients that don't ask for DNSSEC but that doesn't seem like a great direction to go. That is discussed in the very beginning of section 4.

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-04 Thread John R Levine
On Fri, 4 Oct 2024, Vladimír Čunát wrote: special handling" should say that resolvers MUST implement the response code restoration in 4.1 unless the client sends the EDNS0 Compact Answers OK option. You can't restore the RCODE by default. This topic is repeating. Such answers must not pass

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-04 Thread Vladimír Čunát
On 04/10/2024 05.20, John Levine wrote: Editorially, I would move the stuff about approaches not taken to an appendix to avoid confusing people. That includes the second and last paragraphs of section 2. Yes, please. Hence, in the penultimate paragraph in section 2, the sentence that starts

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-04 Thread Philip Homburg
> The bits on the wire are fine, but I am unhappy with the implication > that reasonable people should be happy with fake NODATA but if > you're a pedant who demands NXDOMAIN, well OK, if you insist. Real > things like query minimization depend on NXDOMAIN. If I query for > a.b.c.d.example and d.ex

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-03 Thread John Levine
It appears that Suzanne Woolf said: >If you feel the document is *not* ready for publication, please speak out with >your reasons. The bits on the wire are fine, but I am unhappy with the implication that reasonable people should be happy with fake NODATA but if you're a pedant who demands NXDO

[DNSOP] Re: WGLC for draft-ietf-dnsop-compact-denial-of-existence

2024-10-03 Thread Dave Lawrence
I have read the most recent version of the document and am strongly in favor of its publication as a proposed standard. I want my NXDOMAINs back. I have little substantive feedback on the text, mostly personal editorial preferences that are not worth fussing about. That said, is "lexicographic s