On 11/14/23 12:50, [email protected] wrote:
> Abstract:
>    This document specifies a method for a DNS client to request
>    additional DNS record types to be delivered alongside the primary
>    record type specified in the question section of a DNS query.
>
> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-bellis-dnsext-multi-qtypes/

I think this draft proposes a reasonable method for requesting multiple record
types.

Section 3.2.1 has three occurrences of "SHOULD/MUST attempt to" do things, such
as:

    MUST attempt to return all specified RR types except where ...

Under which circumstances is the "attempt" sufficient? (Is the attempt allowed to fail
under circumstances beyond what's in the "except" clause?)

Generally, my feeling is that both "MUST attempt" and "SHOULD attempt" actually are
"SHOULD".

In Section 3.2.3:

    If the DNS client sets the "DNSSEC OK" (DO) bit in the query
    then the server MUST also return the related DNSSEC records
    that would have been returned in a standalone query for the
    same QTYPE.

That MUST is stronger than the "MUST attempt" for the rdata itself. I guess what's meant
is something like "MUST return the related DNSSEC records for any returned RRsets, in the same
way as they would have been returned ...".

Also, "for the same QTYPE" is unclear; it might be misread to refer to the QTYPE
appearing in the question section. I guess what's meant is "for the respective QTYPE".

Regarding Section 3.1, I tend to agree with Paul's perspective on QTYPE
encoding via bit map.

Best,
Peter
--
https://desec.io/