On Tue, Jul 31, 2018 at 04:14:41PM -0400, Tom Pusateri wrote:
>
> > On Jul 31, 2018, at 3:53 PM, Tom Pusateri <pusat...@bangj.com> wrote:
> >
> >>
> >> If the RCODE is set to any value other than NOERROR (0) or DSOTYPENI
> >> ([TBA2] tentatively 11), then the client MUST assume that the server
> >> does not implement DSO at all. In this case the client is permitted
> >> to continue sending DNS messages on that connection, but the client
> >> SHOULD NOT issue further DSO messages on that connection.
> >>
> >> I'm confused how the server would still have proper framing for subsequent
> >> DNS messages, since the DSO TLVs would be "spurious extra data" after a
> >> request header and potentially subject to misinterpretation as the start of
> >> another DNS message header.
> >
> > Yes, this is a serious oversight. I think we are going to need to encode
> > differently to make all the TLVs look like an RR externally so the RDLEN
> > can be used to skip them and add a single count or switch the TLV syntax
> > back to RR syntax. The existing DNS header format / RR format is less than
> > ideal...
> >
>
> My co-authors reminded me about the TCP framing for DNS which gives the
> length of the DNS message so it can easily be skipped so this isn’t a problem.

Ah, that would do the trick. It looks like I only chased up through the
header format in 1035 and didn't scroll down to the "TCP usage" section.
Sorry for the noise.

-Benjamin
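
The framing point settled in this thread, as an added example (not code from the draft or its authors): a model of a server with no DSO support that reads only the RFC 1035 two-byte TCP length prefix and the 12-byte header, so the trailing TLV bytes are skipped and the next message is still found at the right offset. The function names, the sample messages, the use of opcode 6 for DSO and the NOTIMP reply are assumptions of this sketch.

```python
import struct

OPCODE_QUERY = 0
OPCODE_DSO = 6   # assumption: value later assigned by RFC 8490, still TBA in the quoted draft
NOTIMP = 4       # RFC 1035 RCODE "Not Implemented"

def frame(msg: bytes) -> bytes:
    """Add the two-byte length prefix DNS uses on TCP (RFC 1035, section 4.2.2)."""
    return struct.pack("!H", len(msg)) + msg

def split_stream(buf: bytes):
    """Return (complete_messages, leftover) using only the length prefix."""
    msgs, off = [], 0
    while len(buf) - off >= 2:
        (n,) = struct.unpack_from("!H", buf, off)
        if len(buf) - off - 2 < n:
            break                          # partial message, wait for more bytes
        msgs.append(buf[off + 2:off + 2 + n])
        off += 2 + n
    return msgs, buf[off:]

def legacy_server(msg: bytes):
    """Model of a server without DSO support: returns (id, opcode, rcode)."""
    if len(msg) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    ident, flags = struct.unpack_from("!HH", msg)
    opcode = (flags >> 11) & 0xF
    # Only the header is inspected; bytes after it (the TLVs) are never parsed.
    return ident, opcode, (0 if opcode == OPCODE_QUERY else NOTIMP)

# Constructed sample messages (not captured traffic).
# DSO request: header with all four counts zero, then one TLV (type 1, 8 data bytes).
DSO_MSG = struct.pack("!HHHHHH", 0x1234, OPCODE_DSO << 11, 0, 0, 0, 0) \
    + struct.pack("!HHII", 1, 8, 15000, 15000)
# Ordinary query for example.com A, recursion desired.
QUERY_MSG = struct.pack("!HHHHHH", 0x5678, 0x0100, 1, 0, 0, 0) \
    + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)

def serve(chunks):
    """Feed TCP read chunks to the legacy server, return its per-message results."""
    pending, results = b"", []
    for chunk in chunks:
        msgs, pending = split_stream(pending + chunk)
        results += [legacy_server(m) for m in msgs]
    return results, pending

if __name__ == "__main__":
    stream = frame(DSO_MSG) + frame(QUERY_MSG)
    print(serve([stream[:20], stream[20:]]))
```

Splitting the stream at byte 20 puts the read boundary inside the DSO message, so the run also covers the partial-read case a TCP receiver has to handle.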