> On 18 Mar 2024, at 9:32 AM, Dave Lawrence wrote:
>
> Shumon Huque writes:
>> The draft allows (but does not proscribe) NXDOMAIN to be inserted
>> into the Rcode for non DNSSEC enabled responses. I guess the main
>> reason for not being proscriptive was what I mentioned - there were
>>
Shumon Huque writes:
> The draft allows (but does not proscribe) NXDOMAIN to be inserted
> into the Rcode for non DNSSEC enabled responses. I guess the main
> reason for not being proscriptive was what I mentioned - there were
> deployments in the field that didn't. But I'm amenable to tightening
On Sun, 17 Mar 2024, Shumon Huque wrote:
The draft allows (but does not proscribe) NXDOMAIN to be inserted into
the Rcode for non DNSSEC enabled responses. I guess the main reason
for not being proscriptive was what I mentioned - there were deployments
in the field that didn't. ...
You're
On Sun, Mar 17, 2024 at 9:08 AM John Levine wrote:
> It appears that Dave Lawrence said:
> >Stephane Bortzmeyer writes:
> >> > One current implementation does not differentiate DO=0 vs 1 and gives
> the
> >> > same NODATA answer for both cases.
> >>
> >> Yes. I see no practical problem with
It appears that Dave Lawrence said:
>Stephane Bortzmeyer writes:
>> > One current implementation does not differentiate DO=0 vs 1 and gives the
>> > same NODATA answer for both cases.
>>
>> Yes. I see no practical problem with that but, from a philosophical
>> point of view, it disturbs me.
Shumon Huque writes:
> I've been told the other way is confusing too - we get a different response
> depending on the value of the DO flag. Since it isn't clear to me which way
> is the least worse, I'm fine with leaving the text as is.
Of course, we already get different responses depending on
Stephane Bortzmeyer writes:
> > One current implementation does not differentiate DO=0 vs 1 and gives the
> > same NODATA answer for both cases.
>
> Yes. I see no practical problem with that but, from a philosophical
> point of view, it disturbs me. Naive clients may make wrong
> conclusions from
On Sat, Mar 16, 2024 at 4:11 PM Stephane Bortzmeyer
wrote:
> On Sat, Mar 16, 2024 at 01:27:00PM -0700,
> Shumon Huque wrote
> a message of 236 lines which said:
>
> > > * is there an EDE which is recommended when replying to an
> > > explicit request for a meta-type (like QTYPE=NXNAME)?
> >
>
On Sat, Mar 16, 2024 at 01:27:00PM -0700,
Shumon Huque wrote
a message of 236 lines which said:
> > * is there an EDE which is recommended when replying to an
> > explicit request for a meta-type (like QTYPE=NXNAME)?
>
> It doesn't, but could. I don't see an obviously applicable EDE code
On Thu, Mar 14, 2024 at 2:45 AM Peter Thomassen wrote:
> Hi Shumon et al.,
>
> On 3/5/24 08:15, internet-dra...@ietf.org wrote:
> > Internet-Draft draft-ietf-dnsop-compact-denial-of-existence-03.txt is now
> > available. It is a work item of the Domain Name System Operations
> (DNSOP) WG
> > of
On Sat, Mar 16, 2024 at 1:10 AM Stephane Bortzmeyer
wrote:
> On Mon, Mar 04, 2024 at 02:15:55PM -0800,
> internet-dra...@ietf.org wrote
> a message of 48 lines which said:
>
> > Internet-Draft draft-ietf-dnsop-compact-denial-of-existence-03.txt is now
> > available. It is a work item of the
On Mon, Mar 04, 2024 at 02:15:55PM -0800,
internet-dra...@ietf.org wrote
a message of 48 lines which said:
> Internet-Draft draft-ietf-dnsop-compact-denial-of-existence-03.txt is now
> available. It is a work item of the Domain Name System Operations (DNSOP) WG
> of the IETF.
I just
Hi Shumon et al.,
On 3/5/24 08:15, internet-dra...@ietf.org wrote:
Internet-Draft draft-ietf-dnsop-compact-denial-of-existence-03.txt is now
available. It is a work item of the Domain Name System Operations (DNSOP) WG
of the IETF.
I added a PR with some suggestions here:
Internet-Draft draft-ietf-dnsop-compact-denial-of-existence-03.txt is now
available. It is a work item of the Domain Name System Operations (DNSOP) WG
of the IETF.
Title: Compact Denial of Existence in DNSSEC
Authors: Shumon Huque
Christian Elmerot
Olafur
14 matches
Mail list logo
