I don’t think you intended this - but for DNSSEC validation, the set has to be sorted so don’t MUST NOT that … but I get that this is just a matter of wording in a suggestion. Perhaps, “shuffle on send/reply” is what is desired, what a protocol element does internally is up to its maker.
The root cause of this is programmers, in many situations, expect one value to be returned and not a list or set. Dealing with what a “set” is is also a weakness in coding. I keep thinking back to my first experiences with gethostbyname and only ever looking at the first returned value until I realized there was an array. (I never thought much about the “[0]” thing in all the examples back then.) > On Nov 7, 2024, at 10:37, Ben Schwartz <[email protected]> > wrote: > > I would support a draft that says "every authoritative, recursive, forwarder, > stub, and application SHOULD shuffle the RRset, and MUST NOT sort it". Yes, > it would suffice that any one of them complies with this recommendation, but > the more components comply, the lower the risk of a biased overall system. > > --Ben Schwartz > From: Joe Abley <[email protected] <mailto:[email protected]>> > Sent: Tuesday, November 5, 2024 9:13 AM > To: Shane Kerr <[email protected] <mailto:[email protected]>> > Cc: [email protected] <mailto:[email protected]> <[email protected] > <mailto:[email protected]>> > Subject: [DNSOP] Re: New draft: DNS Servers MUST Shuffle Answers > > > > On 5 Nov 2024, at 14:48, Joe Abley <[email protected] > <mailto:[email protected]>> wrote: > > > The idea of making a protocol change in the DNS to work around behaviour > > that might be fixable in one point release of Android and iOS > > ... seems less than ideal, I meant to say. Sorry, clicked send a bit early. > Perhaps both those things were obvious :-) > > > Joe > _______________________________________________ > DNSOP mailing list -- [email protected] <mailto:[email protected]> > To unsubscribe send an email to [email protected] > <mailto:[email protected]> > _______________________________________________ > DNSOP mailing list -- [email protected] <mailto:[email protected]> > To unsubscribe send an email to [email protected] > <mailto:[email protected]>
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
