On Thu, Jul 11, 2024 at 09:39:04AM +0200, Philip Homburg wrote:
> >Operations may be better served by a minimum expected level than a
> >maximum.
> 
> This is a matter of wording.
> 
> Yes, it is possible to specify a minimum level that is expected from, for
> example, a recursive resolver.
> 
> However this is likely to become a maximum that a zone owner can rely on
> to work on the internet.

My concern is this too. The DNS works today. In several implementations,
limits were added or decreased in recent months/years due to CVEs (and
there will be more limits shortly). I don't know if there has been any
study of what the impact of these changes was. In the case of our
implementation with customers who have config knobs to change these
limits, we haven't had any significant number of reports of breakage
(the product is widely used at large-scale).

I feel that prescribing limits will make DNS inflexible for use-cases
that we in our current generation have not imagined. The fact that
DNS today is malleable is because RFC 1034/35 were very open-ended and
not rigid.

                Mukund

> 
> However I can understand that for some people a minimum may sound
> more comfortable. So maybe a next version of the draft can use that kind
> of wording.
> 
> _______________________________________________
> DNSOP mailing list -- dnsop@ietf.org
> To unsubscribe send an email to dnsop-le...@ietf.org
