Re: [DNSOP] Another attempt at consensus on the bailiwick discussion

Thu, 16 Dec 2021 10:55:54 -0800 


Ben Schwartz wrote on 2021-12-16 10:45:

On Wed, Dec 15, 2021 at 3:56 PM Wessels, Duane 
<dwessels=40verisign....@dmarc.ietf.org 
<mailto:40verisign....@dmarc.ietf.org>> wrote:


    For me “necessary” is an important distinction and “might be useful”
    is too broad or ambiguous.  I have a hard time reconciling the idea
    that glue is not optional with the idea that it might be useful.



My view is less like "might be useful for reaching the nameserver", and 
more like "intended for use in connecting to the nameserver".  A record 
is "glue" if it is provided for the purpose of helping the 
resolver connect to the nameserver indicated in the NS record.



the AAAA or A RRsets which are beneath delegation points will never be 
answered authoritatively by the zone's servers. they will either come as 
referral glue when asking for other names at/below that delegation 
point, or they will come as referral glue when asking for them by name.



so they do seem "necessary" since there is no other way to get them from 
the zone's servers except by asking a question which inspires the server 
to add them to the additional data section of a referral response.



of course, they may be held as glue higher up the hierarchy. for example 
we might get ns-ext.vix.com's AAAA/A RR from the root or COM servers 
when forwarding a question for www.vix.com to one of those servers. but 
if it doesn't come from there, it had better come from vix.com's 
servers, but since it's below a delegation point, it can only be sent by 
the vix.com zone servers as additional data in a referral response.



perhaps the nomenclature should be "referral glue" to drive home the 
point about where it will appear, and disambiguate from whatever DPRIVE 
is thinking about, and avoid the use of the words "necessary" or "useful".



"Necessary" doesn't work, in my view.  Whenever there are multiple A or 
AAAA glue RRs, each RR is not individually "necessary".   Any glue AAAA 
RRSet is basically never "necessary".



i think that's a corner case, unworthy of the complexity of describing 
it. if there is only one name server for a zone, and it has only one 
kind of IP connectivity, then that one AAAA (or A) RRset will be 
"neccessary". this highlights the benefit of not using words like 
"necessary" or "glue" since they drag in unnecessary outer concepts.


vixie

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

























					Reply via email to