Hi Andrew
On Mon, May 28, 2018 at 01:22:12PM -0400, Andrew Sullivan wrote:
> Dear colleagues,
>
> As a consequence of some of the discussion about clarifying the term
> "referrals" in terminology-bis, it became clear that we didn't really
> have a place that said not to do upward referrals. So, Joe Abley and
> I put this little draft together:
>
> https://tools.ietf.org/html/draft-sullivan-dnsop-refer-down-00
>
> I _think_ it is useful, but it didn't get much comment when we put it
> out because everyone was paying attention to the terminology
> document. Does anyone else think it's useful? If so, and some people
> are prepared to do some reviews, I'm prepared to work on it. But it's
> about to expire, and if nobody else thinks it's worth the wasted
> electrons I don't feel strongly enough about it to have the fight.
RFC 1034 mentions how to handle upward referrals - ignore them. Section
5.3.3:
If the response shows a delegation, the resolver should check to see
that the delegation is "closer" to the answer than the servers in SLIST
are. This can be done by comparing the match count in SLIST with that
computed from SNAME and the NS RRs in the delegation. If not, the reply
is bogus and should be ignored. If the delegation is valid the NS
delegation RRs and any address RRs for the servers should be cached.
The name servers are entered in the SLIST, and the search is restarted.
But I do note the difference that your document is about "don't create
upward referrals" whereas the above is "don't accept upward referrals".
Mukund
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
