On 5/1/23, 12:43 PM, "DNSOP on behalf of Wessels, Duane"
<dnsop-boun...@ietf.org on behalf of dwessels=40verisign....@dmarc.ietf.org>
wrote:
> My preferred definition is the one originally given by Paul Vixie, amended
> by myself, and further amended by Peter Thomassen:
>
> A lame delegation is said to exist when one or more authoritative
> servers designated by the delegating NS rrset or by the child's apex NS
> rrset answers non-authoritatively for a zone.
The trouble I have with this definition is that servers don't "answer ... for a
zone", they answer specific queries.
Plus, the adjective "authoritative" is redundant, as " designated by the
delegating NS rrset or by the child's apex NS rrset" includes all authoritative
servers (and then some, if you don’t include a parent NS name not in the child
NS name as authortitative).
And, as DNS data is constantly changing, what's in or out of an NS set or
authoritatively answered may change from moment to moment (so I add 'assumed'
below):
A lame delegation is said to exist when a server assumed (by the querier) to be
authoritative for a zone replies non-authoritatively for {any|all} data within
the zone.
1) Answering authoritatively means that the answer section matches the query
and the AUTHORITATIVE ANSWER bit is properly set - this ought to be in its own
definition.
2) A server may be assumed to be authoritative for a zone if the server is
listed in a current NS set for the zone, whether that set is published by the
delegating zone at a cut point or by the zone itself at its apex. This also
should be a separate definition. ...The undefined term in that is "current" -
meaning - a NS set that is still within the TTL upon arrival...
3) {any|all} open question...can a server be "partially lame?"
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
