Re: [DNSOP] Second Working Group Last Call for draft-ietf-dnsop-extended-error
In section 3.21 3.21. Extended DNS Error Code 20 - Lame An authoritative server that receives a query (with the RD bit clear) for a domain for which it is not authoritative SHOULD include this EDE code in the SERVFAIL response. A resolver that receives a query (with the RD bit clear) SHOULD include this EDE code in the REFUSED response. The above case is not consistent with current authoritative server behavior. The authoritative servers I have tested all return REFUSED, not SERVFAIL, regardless of the query RD bit, when the server does not allow recursion, and the server is not authoritative for the zone. I would change to: 3.21. Extended DNS Error Code 20 - Not Authoritative An authoritative server that receives a query (with the RD bit clear, or when not configured for recursion) for a domain for which it is not authoritative SHOULD include this EDE code in the REFUSED response. A resolver that receives a query (with the RD bit clear) SHOULD include this EDE code in the REFUSED response. IMO, while "lame" is a valid term, quite frankly, it's not nearly as clear in meaning as just saying "not authoritative". To me, "lame" is at the delegation (referring server), not the targeted server. -- Michael Sheldon Dev-DNS Services GoDaddy.com ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Second Working Group Last Call for draft-ietf-dnsop-extended-error
On Thu, Sep 12, 2019 at 09:51:25AM -0400, Tim Wicinski wrote a message of 90 lines which said: > We had such great comments the first time we did a Working Group > Last Call for draft-ietf-dnsop-extended-error, that the chairs > decided a second one would be even better. IMHO, the document is good. I like the fact there is no longer a limitation of a given EDE to some RCODEs (it makes things simpler). Some details, all editorial: * it could be a good idea to add more specific references for the EDE. For instance, 3 "Stale Answer" could have a reference to draft-ietf-dnsop-serve-stale. * I think that many people will be confused with 15, 16, 17 and 18. Suggestions: * remove 18, which is redundant with 15 (if the user chooses the resolver, and he should have the right to do so, 15 and 18 are the same). 18 is meaningful only if the user does have a simple way to change this behaviour. * Add to the definition of 15 "The policy was decided by the server administrators" * Add to the definition of 16 "This means that the policy was not decided by the server administrators, and it is probably useless to complain to them". ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop