On 13 Dec 2023, at 18:12, Paul Wouters <p...@nohats.ca> wrote:

> On Wed, 13 Dec 2023, Joe Abley wrote:
>
>>> On 13 Dec 2023, at 16:37, Paul Wouters <p...@nohats.ca> wrote:
>>>
>>> It should probably change TCP to “source IP validated transports (dns over
>>> stuff, tcp and udp cookies)
>>
>> Since it is possible to imagine networks in which source address spoofing is
>> not possible, and hence in which queries received over UDP could be said to
>> fit that description, any phrase like that would need a careful definition.
>
> Why? If the network has a guarantee against source spoofing, isn't it by
> definition that its UDP is a "source IP validated transport"?

Well, because private networks leak all over the place, and I think we want to be conservative in what we recommend is implemented. More generally, "validated" invites the question of who is validating what and how, and I think there is a big set of possible answers to that question.

>> However if we just mean "all transports currently defined that are not UDP"
>> we could just say that. Anticipating the full range of variables associated
>> with future transports that are not yet specified seems a bit much.
>
> I don't think we should say that. Especially also because UDP with
> COOKIES is a source IP validated transport.

Imagining that we fixed the phrase to accommodate the case of UDP transport with cookies, why?

Joe
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop