Hi,
regarding the question of "necessary" versus "useful". I apologize, but
I must kind-of undermine the question.
Imagine that a delegation is supplemented with an SVCB record that
describes how to connect securely (with TLS) to the delegated
nameserver. (Dunno if this really can happen today, but it's an
imaginable situation in general.)
Then the SVCB is not necessary for the DNS resolution per se, but it is
necessary for the resolution to proceed securely. If the client's policy
is "privacy or nothing", then they will not proceed with the resolution
unless the SVCB is returned. As a consequence, the record is not
necessary to some clients (but may still be useful), but necessary to
others. Thus, the term necessary is relative and it can hardly be used
in the definition of glue.
Thank you for considering my comment :)
Libor
Dne 03. 11. 22 v 22:48 Benno Overeinder napsal(a):
Dear WG,
With the DNSOP rfc8499bis interim in September, we had the action
point to send two questions to the DNSOP WG to find consensus on the
bailiwick and glue discussion.
You can find the interim meeting material here
https://datatracker.ietf.org/meeting/interim-2022-dnsop-02/session/dnsop
and the recording of session here https://youtu.be/wY7-f40lDgU.
This is the second email to the WG, focussing on the definition of glue.
Questions:
2. Definition of Glue provided by Duane Wessels on the DNSOP WG mailing
list:
"Glue is non-authoritative data in a zone that is transmitted in the
additional section of a referral response on the basis that the data
might be necessary for resolution to proceed at the referred name
servers."
On the mailing list, we have seen a discussion about "necessary"
versus "useful". In this context glue is defined to be exclusively
A/AAAA records (traditional understanding), or do we also consider
other RRtypes to be glue, e.g. SCVB/HTTPS or DS records? Concern is
that "useful" may lead to a definition that is too broad.
Taking the last point a step further: if the definition is expanded
and glue-is-not-optional becomes a requirement then responses may grow
in size and exceed fragmentation/truncation thresholds and lead to
more TCP.
Remark by WG during interim meeting: One might need a registry for
RRtypes being glue (in the future).
Thanks,
-- Suzanne, Tim and Benno
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
