Colm MacCárthaigh wrote: > The paper mentions that RRsets are canonicalised before being > de-duped. It mentions that the names are downcased and then the RRs > sorted by data-value. Does the downcasing also apply to the names in > the data section?
the canonicalization process follows RFC 4034 section 6.2 (and draft-ietf-dnsext-dnssec-bis-updates section 5.1), so yes, if the RRtype of the RRset is one of the types that are supposed to be downcased in DNSSEC canonical form. it's my intention that the de-duplication process not harm DNSSEC-oriented uses of the data (e.g., validating the signatures of historical RRsets). in practice i think this also requires RRset-level atomicity, which we also ensure. (it seems most passive DNS systems are RR-oriented and don't ensure RRset atomicity, which is unfortunate.) > Are the labels also fully de-compressed at this stage? or could > differences in compression and case cause duplication? I'm curious if > you've observed any differences in how compression is applied. yes, the domain names in the RR owner name and in the Rdata (for the RRtypes that specify compressed domain names) are fully uncompressed before being used. i'm sure there are variations in how compression is applied but i haven't studied it. -- Robert Edmonds [email protected] _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
