> On Jul 31, 2018, at 3:53 PM, Tom Pusateri <[email protected]> wrote:
>
>>
>> If the RCODE is set to any value other than NOERROR (0) or DSOTYPENI
>> ([TBA2] tentatively 11), then the client MUST assume that the server
>> does not implement DSO at all. In this case the client is permitted
>> to continue sending DNS messages on that connection, but the client
>> SHOULD NOT issue further DSO messages on that connection.
>>
>> I'm confused how the server would still have proper framing for subsequent
>> DNS messages, since the DSO TLVs would be "spurious extra data" after a
>> request header and potentially subject to misinterpretation as the start of
>> another DNS message header.
>
> Yes, this is a serious oversight. I think we are going to need to encode
> differently to make all the TLVs look like an RR externally so the RDLEN can
> be used to skip them and add a single count or switch the TLV syntax back to
> RR syntax. The existing DNS header format / RR format is less than ideal...
>
My co-authors reminded me about the TCP framing for DNS, which gives the length of the DNS message so it can easily be skipped, so this isn’t a problem.

Thanks,
Tom
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
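The framing point in the reply above, as an added example that is not part of the original message or of the draft: a server without DSO reads only the 12-byte header of each length-delimited message, so the TLVs after a DSO header never leak into the next message on the connection. Assumptions: the opcode value 6 is the one later assigned in RFC 8490, the server returns NOTIMP for it, and `legacy_reply`, `run` and both sample messages are constructed for illustration.

```python
import struct

DSO_OPCODE = 6    # DSO opcode as assigned in RFC 8490 (assumption, not on the page)
NOTIMP = 4        # RCODE a server returns for an opcode it does not implement

def frame(msg: bytes) -> bytes:
    """Add the two-byte length prefix DNS uses over TCP (RFC 1035, 4.2.2)."""
    return struct.pack("!H", len(msg)) + msg

def split_stream(buf: bytes):
    """Split a TCP byte stream into whole DNS messages plus leftover bytes."""
    msgs = []
    while len(buf) >= 2:
        (n,) = struct.unpack_from("!H", buf)
        if len(buf) < 2 + n:
            break                      # partial message, wait for more data
        msgs.append(buf[2:2 + n])
        buf = buf[2 + n:]
    return msgs, buf

def legacy_reply(msg: bytes):
    """Hypothetical server without DSO: reads only the 12-byte header.
    Returns (id, opcode, rcode); bytes after the header of an unknown
    opcode are never parsed, the length prefix already delimited them."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    mid, flags = struct.unpack_from("!HH", msg)
    opcode = (flags >> 11) & 0xF
    return mid, opcode, (NOTIMP if opcode == DSO_OPCODE else 0)

# Constructed sample input: a DSO request carrying one 12-byte TLV, then a
# normal A query for example.com sent on the same connection.
DSO_MSG = struct.pack("!HHHHHH", 0x1234, DSO_OPCODE << 11, 0, 0, 0, 0) \
        + struct.pack("!HHII", 1, 8, 15000, 15000)
QUERY = struct.pack("!HHHHHH", 0x5678, 0x0100, 1, 0, 0, 0) \
      + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
STREAM = frame(DSO_MSG) + frame(QUERY)

def run(chunks):
    """Feed TCP chunks of any size to the server, collect its replies."""
    pending, replies = b"", []
    for chunk in chunks:
        msgs, pending = split_stream(pending + chunk)
        replies += [legacy_reply(m) for m in msgs]
    return replies, pending

if __name__ == "__main__":
    print(run([STREAM[:7], STREAM[7:30], STREAM[30:]]))
```

The constructed TLV is 12 bytes, the same size as a DNS header, which is the misparse the reviewer was worried about; with the length prefix it is consumed as part of the first message instead.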
