[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: please adopt http://tools.ietf.org/html/draft-vixie-dnsext-dns0x20
On Tue, 22 Jul 2008, Paul Vixie wrote:
please adopt http://tools.ietf.org/html/draft-vixie-dnsext-dns0x20 as a
working group document.
Yes, but with at least one change; section 5.4 implies that its a good
idea to preserve the case of the original query in the reply from the
resolver to the requesting application. This needs to be a 'MUST' to
avoid any issues with existing application libraries which already have
expectations of case preservation, ie:
5.4. Requestors MUST restore the case of the original question name
after the successful verification of the 0x20 bits in the reply, before
further decompression of the reply or forwarding onto a previous
requestor in the chain. This is to ensure that verification of 0x20
bits by earlier requestors works as expected, and that any sections that
use compression pointers which point into the question section are not
contaminated by otherwise unexpected changes to 0x20 bits.
During the dnsext discussion, there was the comment from marcos in the
jabber room to the effect that the 0x20 draft does not mention any
interactions with DNSSEC. This probably needs to be addressed in a 5.6.
to the effect of 'A DNSSEC response shall be preferred over mismatches in
the question section'.
--==--
Bruce.
--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>