Hi,
On 07/07/2015 12:29, Tony Finch wrote:
John Dickinson <[email protected]> wrote:
We have just submitted a -02 update to the 5966bis draft.
I have read through this draft. It looks in good shape to me.
A general comment: can you please grep for lower-case RFC 2119 keywords
and either upper-case them or replace them with different phrasing, so
there is no doubt about whether something is a misspelled requirement or
really a suggestion. (e.g. "ought" instead of "should", "can" instead of
"may".) Section 6.2.1.1 especially.
Good idea - will do.
Is there anything to say about pMTUd on UDP vs TCP?
Will give this some thought.
Section 6.2.2 ought to allow for concurrent zone transfers, since that is
necessary for primary/secondary setups with many busy zones.
OK
Section 6.2.3 "a few seconds" still seems generous, though I suppose it's
hard for a server to tune the timeout to something based on the client's
RTT...
Hopefully, one day there will be some kind of idle timeout signalling.
What value would you suggest?
Section 6.2.4 is it worth saying that a client can retry over UDP if it
has not previously received a TC reply to this query?
I think this is covered by the "No specific retry
algorithm is specified in this document."
Section 11:
Wider use of TCP doesn't make servers more vulnerable to DoS attacks, but
rather it increases the likelihood of accidental DoS due to server
overload.
Yes, I agree that statement could be better written. At the very least
it should say accidental DOS of TCP only. I would hope that UDP would
still be OK.
I think discussing the wider use of TCP just makes it more blatantly
obvious how vulnerable existing servers are to TCP resource exhaustion.
Fixing TCP scalability will make them more resistant to DoS attacks.
Yes
Appendix A:
Is this supposed to be just a summary of points made earlier? There are
some points here about TFO and MPTCP which aren't in the main body.
I will make this consistent or consider removing it.
Some editorial nits:
RRL is mentioned twice mentioned twice in the first para.
Added text in the xref but didn't remove it from the body!
I suggest changing this paragraph in the intro
This document therefore updates the core DNS protocol specifications
such that support for TCP is henceforth a REQUIRED part of a full DNS
protocol implementation.
to
The previous version of this document [RFC5966] updated the core DNS
protocol specifications such that support for TCP became a REQUIRED
part of a full DNS protocol implementation.
I am not sure since we are obsoleting 5966. Will discuss with my other
authors.
IF TCP -> If TCP
fastopen -> Fast Open
TFO.From -> TFO. From
Thanks for the review,
John