Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-20 Thread Tony Finch
Matthijs Mekking wrote: > The main argument for putting it in the additional section is that given > the experience with DNAME, putting the ANAME in the answer section there > is a risk of interop problems (because there is an unexpected record in > the answer section). I think ANAME will cause

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-14 Thread Thomas Peterson
I don't believe this answers your question directly, however late last year I performed some analysis[0] that showed that 64.17% of the Alexa Top 1 million domains I had queried for www records returned CNAME records that pointed to apex A records. If it is of use for this work I could re-run t

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-14 Thread Bob Harold
On Thu, Jun 13, 2019 at 6:34 PM Brian Dickson wrote: > > > On Thu, Jun 13, 2019 at 1:51 PM Bob Harold wrote: > >> >> On Thu, Jun 13, 2019 at 1:50 PM Brian Dickson < >> brian.peter.dick...@gmail.com> wrote: >> >>> >>> >>> On Wed, Jun 12, 2019 at 1:11 AM Matthijs Mekking >>> wrote: >>> Brian

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-14 Thread Matthijs Mekking
Brian, On 6/13/19 7:50 PM, Brian Dickson wrote: > > > On Wed, Jun 12, 2019 at 1:11 AM Matthijs Mekking > wrote: > > Brian, > > Thanks for the detailed background on why DNAME worked. There are a few > things that caught my attention: > > > When

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-13 Thread Brian Dickson
On Thu, Jun 13, 2019 at 1:51 PM Bob Harold wrote: > > On Thu, Jun 13, 2019 at 1:50 PM Brian Dickson < > brian.peter.dick...@gmail.com> wrote: > >> >> >> On Wed, Jun 12, 2019 at 1:11 AM Matthijs Mekking >> wrote: >> >>> Brian, >>> >>> Thanks for the detailed background on why DNAME worked. There

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-13 Thread Bob Harold
On Thu, Jun 13, 2019 at 1:50 PM Brian Dickson wrote: > > > On Wed, Jun 12, 2019 at 1:11 AM Matthijs Mekking > wrote: > >> Brian, >> >> Thanks for the detailed background on why DNAME worked. There are a few >> things that caught my attention: >> >> > When a recursive queried an authority server,

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-13 Thread Joe Abley
Hey Matthijs, On 12 Jun 2019, at 04:11, Matthijs Mekking wrote: > Thanks for the detailed background on why DNAME worked. There are a few > things that caught my attention: > >> When a recursive queried an authority server, if it got back a DNAME >> but did not understand it, it ignored the DNA

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-13 Thread Brian Dickson
On Wed, Jun 12, 2019 at 1:11 AM Matthijs Mekking wrote: > Brian, > > Thanks for the detailed background on why DNAME worked. There are a few > things that caught my attention: > > > When a recursive queried an authority server, if it got back a DNAME > but did not understand it, it ignored the DN

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-12 Thread Matthijs Mekking
Brian, Thanks for the detailed background on why DNAME worked. There are a few things that caught my attention: > When a recursive queried an authority server, if it got back a DNAME but did not understand it, it ignored the DNAME but processed the CNAME (as if only the CNAME existed) (plus any o

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-12 Thread Matthijs Mekking
On 6/12/19 4:41 AM, Joe Abley wrote: > On Jun 11, 2019, at 20:11, Anthony Eden > wrote: > >> I'm a fan of Michael's suggestion of using EDNS to signal that the >> authoritative should return ALIAS vs synthesizing. Any reason this won't >> work? > > It won't work unless it's implemented. On

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-11 Thread Evan Hunt
On Tue, Jun 11, 2019 at 08:11:51PM -0400, Anthony Eden wrote: > I'm a fan of Michael's suggestion of using EDNS to signal that the > authoritative should return ALIAS vs synthesizing. Any reason this won't > work? Not that I can think of, but it adds significant implementation complexity in order

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-11 Thread Brian Dickson
On Tue, Jun 11, 2019 at 6:35 PM Joe Abley wrote: > On Jun 11, 2019, at 20:04, Evan Hunt wrote: > > > MHO, the ANAME is the real answer we're sending; the A and records > > are just friendly hand-holding for legacy servers. It doesn't make sense > > to me to demote the real answer into the

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-11 Thread Joe Abley
On Jun 11, 2019, at 20:11, Anthony Eden wrote: > I'm a fan of Michael's suggestion of using EDNS to signal that the > authoritative should return ALIAS vs synthesizing. Any reason this won't work? It won't work unless it's implemented. On a grand scale, then, it won't work unless it's implement

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-11 Thread Joe Abley
On Jun 11, 2019, at 20:04, Evan Hunt wrote: > MHO, the ANAME is the real answer we're sending; the A and records > are just friendly hand-holding for legacy servers. It doesn't make sense > to me to demote the real answer into the additional section, any more than > it would have to move DN

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-11 Thread Anthony Eden
I'm a fan of Michael's suggestion of using EDNS to signal that the authoritative should return ALIAS vs synthesizing. Any reason this won't work? -Anthony On Tue, Jun 11, 2019 at 8:05 PM Evan Hunt wrote: > On Tue, Jun 11, 2019 at 10:31:55AM +0200, Matthijs Mekking wrote: > > The main argument f

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-11 Thread Evan Hunt
On Tue, Jun 11, 2019 at 10:31:55AM +0200, Matthijs Mekking wrote: > The main argument for putting it in the answer section is that putting > it in the additional section implies a lower trust level, and that the > record is optional and can be removed when minimizing responses. I'm inclined to fav

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-11 Thread Michael J. Sheldon
On 6/11/19 5:53 AM, Bob Harold wrote: > > If the camel was not already overloaded, then a cautious approach might > be to put it in the additional section, *unless* there was a capability > signal in the request that indicated that the requester would understand > ANAME, or at least not have a pro

Re: [DNSOP] ANAME in answer or additional section [issue #62]

2019-06-11 Thread Bob Harold
On Tue, Jun 11, 2019 at 4:32 AM Matthijs Mekking wrote: > All, > > > While working on the next version of the ANAME draft, one additional > question came up: When querying for A or , we want to include the > ANAME in the response as a signal to anticipate aliasing. Should we > include the AN

[DNSOP] ANAME in answer or additional section [issue #62]

2019-06-11 Thread Matthijs Mekking
All, While working on the next version of the ANAME draft, one additional question came up: When querying for A or , we want to include the ANAME in the response as a signal to anticipate aliasing. Should we include the ANAME record in the answer section or the additional section? The main