> An important thing we really should define is safeguards for loop prevention (eg, an EDNS0 hop-count limit or something like > rfc8586 which defines CDN-Loop). Doing this without Loop Prevention > is dangerous, at least based on experience with similar patterns > in the CDN world. Even if we don't define the broader specification, > I'd be very interested in seeing standardization of loop prevention > in both recursive and authoritative forwarding setups.
Yes, it is a good idea to try to do something about loop prevention. It is not clear to me how to do that in a way that fits DNS. Just putting in a list of hostnames feels wrong, but maybe it is a good starting point. > There's lots of work that would be needed on this draft (I'm > not sure that the way TTLs are handled is the only way we might > want to define, as there may be other approaches). Similarly, > it may make sense to allow ECS under certain circumstances (for > example, if DoT or DoQ is used from the forwarding proxy to the > origin authoritative). Returning anything other than the original TTL may cause a lot of confusion. But there may be many ways that a cache can be kept up-to-date. We have to see which ones are expected to be common enough to be worth documenting. I don't really know what ECS looks like from an authoritative point of view. How is that kind of data distributed from a primary to secondaries? _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop