Hi Peter,
On 06/03/2023 23:31, Peter Thomassen wrote:
I just went over the updated wording in draft-ietf-dnsop-rfc8499bis-05,
and the paragraph
https://www.ietf.org/archive/id/draft-ietf-dnsop-rfc8499bis-05.html#section-7-2.36 caught my attention.
It uses the term "zone origin", but doesn't say whether it relates to
the parent or child zone. I was assuming the child, and it took me a
while to make sense of it (until I noticed that it must mean the parent).
Thank you for your clarification. This feedback will incorporated in a
next revision of the document.
I'd like to suggest clarifying that paragraph. That brings me to your
question below:
On 11/25/22 14:38, Benno Overeinder wrote:
Thank you for your input and your suggestion to come up with a more
specific terminology for the "historical" out-of-bailiwick term. In
the definition of in-domain and sibling domain, you suggest using the
0th and 1st order in the definition? And for out-of-bailiwick use a
term like "2nd+ order nameservers"?
Pretty much. Here is a version of it that's hopefully better to grasp
than my previous post, and has examples.
There are various degrees of relationship between a delegation and its
name servers. The degree depends on where theirdelegation paths from
the root intersect with the delegated zone's delegation path.
To establish the degree of relationship for a given name server, count
how many zone cuts in the delegation path from the root to the zone of
interest are shared by the delegation path of that name server.
This is
a measure of unrelatedness between the zone and its name server,
called
"degree ofkinship".
If the degree is 0, then the NS hostname is "in-domain". For example,
a delegation for "child.example.com" might have an in-domain name
server
called "ns.child.example.com". The name server name has all the zone
cuts from the root that the delegated domain has.
If this number is non-zero, then the delegation path to the name
server
name branches off from the zone's delegation path. The "degree of
kinship" tells you how many zone cuts above the zone of interest this
happens. For example, a delegation for "child.example.com" in the
"example.com" zone might have a "sibling domain" name server called
"ns.another.example.com", which does not share the final zonecut of
"child.example.com". The branching is at "example.com", and the
degree
of kinship is 1.
An unrelated relationship is one where the degree of kinship is larger
than 1. For example, the delegation for "example.jp" might have an
name server "ns.example.com". The delegation paths alreadydiverge at
the root, 2 zone cuts above "example.jp".
This may be a bit verbose, but I'm sure it can be reduced to four
paragraphs, if needed, that are easier to digest than the four
paragraphs the draft currently has for these definitions.
While writing the above, I again stumbled over the term "unrelated name
server". It could mean all kinds of things, such as a name server that
doesn't claim to be authoritative. People don't always have the
definitions at hand, and I think using that term is a risky choice
(especially as "unrelated" is a word from every-day language).
Thank you for further explaining your idea and concept of degree of
kinship. The chairs agree that the term "unrelated" is a
general/everyday language word and not very specific. We tried to come
up with a better, more specific word, also with help from others, but we
and the WG could not come up with a better term.
While the degree of kinship is more specific and helps us define the
term "unrelated", we feel it adds some complexity to the glue definition
and is otherwise not used/relevant in the document. Therefore, we
suggest that the authors stick to the use of the term "unrelated name
server".
Best regards,
-- Benno
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
