On Thu, Jul 2, 2020 at 9:14 AM Paul Hoffman <paul.hoff...@icann.org> wrote:
> The interpretation of whether a partial RRset is allowed by 1035/2181 made > by JohnL, PaulV, and MukundS are all plausible and conflicting. RFC 1035 > and RFC 2181 are unclear about whether an RRset that is required in a reply > can be partial. > > draft-ietf-dnsop-glue-is-not-optional as it stands is probably not the > best place to update the understanding of the standards-level relationship > between partial RRsets, the TC bit, and what parts of a response are > required. Doing so is adventurous, time-consuming, and will almost > certainly cause multiple current implementations to be out of compliance. > > It is probably still worth doing, albeit carefully. A bad outcome would be > finishing the document due to exhaustion instead of consensus. > I agree with Paul H in this regard. Here's how I see it: the update to 1035 is necessary, but not sufficient (probably). Note that 1035 itself predates EDNS, so advice on TC alone is good, but for the population of DNS implementations doing EDNS, perhaps we could take advantage of its existence? There are a whole bunch of unused bits in the core element of the OPT RR (the place where the DO bit exists). That would be an excellent (IMHO) place to signal the situation here (partial glue truncation). Such a bit would hopefully disambiguate the cases where TC=1 is set, allowing for graceful handling (try to use the available glue, prepare for the failure case and retry over TCP if it does fail). Thoughts? Brian
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
