On 29. 06. 26 17:59, [email protected] wrote:
    Name:    draft-ietf-dnsop-delext-07.txt

I'm seeking wisdom of WG about couple things:

3.1.1. Criteria for Delegation Type Allocation The RR type is intended to appear at a delegation point as authoritative data in the delegating zone, in a manner analogous to the DS record as defined in [RFC4034].

    The RR type carries information that is intended to be acted upon by a 
resolver during the process of following a referral. This includes information 
used prior to sending queries to the authoritative servers for the delegated 
zone, or after the referral has been followed, such as material used to 
authenticate a DNSKEY in the delegated zone.

    The RR type is not intended to appear as authoritative data within the 
delegated zone itself.

RR types that do not meet all of these criteria MUST NOT be allocated from the 
Delegation Types range.

A record type may be useful in the context of delegation, but that does not by 
itself qualify it for allocation as a Delegation Type. Record types that convey 
information useful to resolvers but that are intended to appear within a zone 
rather than at its delegation point in the delegating zone are Data Types and 
MUST be allocated accordingly.

I wonder if we want to explicitly allow things which are not strictly delegation or DNSSEC but are somehow related to the structure of DNS namespace. Say DBOUND came up with a RR type which denotes ... something ... and they wanted to put that next to NS/DELEG RRsets.

How does that sound?

My point is - we have DS type which is not a delegation, but bunch of octets next to delegation. Perhaps there will be use-case for something similar down the road, and I would hate to go through the same process only because we painted ourselves into a corner.

I wonder if this falls within 'policy information' mentioned in Appendix A?

 Appendix A. Services Provided by Delegation Types

Services provided by Delegation Types consist of information useful to a 
resolver when connecting to servers responsible for the delegated namespace. 
This can include, but is not limited to, secure transport parameters, policy 
information about zones, and DNSSEC security parameters.



 3.1.2. Private Use Range

The range 0xF1F0-0xF1FF is reserved for Private Use in accordance with 
[RFC8126]. Values in this range MUST NOT be published in zones intended for the 
public DNS and MUST NOT be used in any context where interoperability with 
implementations outside a private network is required.

I think we should remove sentence "Values in this range MUST NOT be published in zones intended for the public DNS" and keep only "MUST NOT be used in any context where interoperability with implementations outside a private network is required.". Otherwise we would need sub-range for experiments, and I think it is not necessary.

What does the group think?


Last, one nitpick I can't decide how to approach:

> 3. Delegation Types
>
> [RFC6895] lists three subcategories of RR type numbers: data TYPEs, QTYPEs, and Meta-TYPEs. This specification adds a fourth subcategory: Delegation Types.
>
> Section 9.3 requests IANA to allocate the ranges 0xF000-0xF1EF and 0xF1F0-0xF1FF for Delegation Types.

Do people find it confusing that the original NS RR type is not labeled as 'Delegation Type'?

I'm trying to find a way to say 'NS also creates delegation, but it is not labeled as Delegation Type because ...' but I'm coming up blank. Perhaps it's just in my head, but I wanted to check.

--
Petr Špaček

_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to