Paul Wouters wrote:
>
> Yes you can ask for the NS records, and the NS records that are in
> a completely different zone, at the expense of launching new queries,
> adding round trips.
You can get all the info in two round trips at most. First round trip: ask
for NS records at all the potential z
Mark Andrews wrote:
> Paul Wouters wrote:
>
> > and it fails when CNAME/DNAME is involved, as you also point out.
>
> It doesn't fail when a CNAME or a DNAME is involved. The data is
> useful to validate the CNAME/DNAME and you just initiate more
> queries to validate the target of the CNAME/DNAM
On Wed, 13 Nov 2013, Mark Andrews wrote:
Apart from being messy, it does not work if you want to query and
remember NS records (in case you have to switch from forwarding mode
to being a full recursor)
Garbage. There is absolutely nothing stopping you remembering NS
records returned in the re
In message , Paul Wouters w
rites:
> On Tue, 12 Nov 2013, Tony Finch wrote:
>
> >> Really? If I want to validate www.nohats.ca, and I don't have more than
> >> the DS/DNSKEY of ca, how can I do this in one round trip without these
> >> drafts? You mean just adding items in the additional section?
On Tue, 12 Nov 2013, Tony Finch wrote:
Really? If I want to validate www.nohats.ca, and I don't have more than
the DS/DNSKEY of ca, how can I do this in one round trip without these
drafts? You mean just adding items in the additional section?
No. Send the following separate queries concurrent
Paul Wouters wrote:
> On Tue, 12 Nov 2013, Tony Finch wrote:
> >
> > Re. edns-tcp-chain-query and edns-tcp-keepalive, the minutes say "DNSSEC
> > requires many round-trips to get all the data needed to validation."
> >
> > This is probably a correct report of what was said but the statement is
> >
On Tue, 12 Nov 2013, Tony Finch wrote:
Tim Wicinski wrote:
http://www.ietf.org/proceedings/88/minutes/minutes-88-dnsop
Re. edns-tcp-chain-query and edns-tcp-keepalive, the minutes say "DNSSEC
requires many round-trips to get all the data needed to validation."
This is probably a correct re
Tim Wicinski wrote:
>
> http://www.ietf.org/proceedings/88/minutes/minutes-88-dnsop
Re. edns-tcp-chain-query and edns-tcp-keepalive, the minutes say "DNSSEC
requires many round-trips to get all the data needed to validation."
This is probably a correct report of what was said but the statement i
On 11/12/2013 09:20 AM, Tim Wicinski wrote:
>
> I've uploaded the minutes, with an initial editing pass. There are
> located here:
>
> http://www.ietf.org/proceedings/88/minutes/minutes-88-dnsop
>
I wasn't there, and wasn't able to follow remotely this time, but I
assume that "Evan Hunt: csync
I've uploaded the minutes, with an initial editing pass. There are
located here:
http://www.ietf.org/proceedings/88/minutes/minutes-88-dnsop
Big thanks to Stephane Bortzmeyer for doing an first class job on these.
Over the next week or so, I'm going to start moving forward some of the
discu
10 matches
Mail list logo
