
List:       namedroppers
Subject:    Re: draft-ietf-dnsext-unknown-rrs-04.txt
From:       gson () nominum ! com (Andreas Gustafsson)
Date:       2003-02-26 1:37:00

Erik Nordmark writes:
> Since you seem to understand my concern but disagree with every textual
> proposal I suggest to try to make things more clear, why
> don't you suggest some clarifications to the text that make things
> more clear?

Since this perceived lack of clarity seems to be related to the use of
the time of publication of RFC2931 as a flag day, would you find it
clearer if the time of publication of unknown-RRs itself as an RFC
were used instead?

Here is an updated and expanded section 7 with this change as well as
some added rationale and other clarifications.  Using this text will
of course require that no new RR types with embedded domain names are
defined before this is published as an RFC.  Also, the RFC editor
needs to replace "TBD" with the actual RFC number of the unknown-rrs
RFC itself.


   7. DNSSEC Canonical Form and Ordering

   DNSSEC defines a canonical form and ordering for RRs [RFC2535, section
   8.1].  In that canonical form, domain names embedded in the RDATA are
   converted to lower case.

   The downcasing is necessary to ensure the correctness of DNSSEC
   signatures when case distinctions in domain names are lost due to
   compression, but since it requires knowledge of the presence and
   position of embedded domain names, it cannot be applied to unknown
   types.

   To ensure continued consistency of the canonical form of RR types
   where compression is allowed, and for continued interoperability
   with existing implementations that already implement the RFC2535
   canonical form and apply it to their known RR types, the canonical
   form remains unchanged for all RR types whose initial
   publication as an RFC was prior to the initial publication of this
   specification as an RFC (RFC TBD).

   As a courtesy to implementors, it is hereby noted that the complete
   set of such previously published RR types that contain embedded
   domain names, and whose DNSSEC canonical form therefore involves
   downcasing according to the DNS rules for character comparisons,
   consists of the RR types NS, MD, MF, CNAME, SOA, MB, MG, MR, PTR,
   HINFO, MINFO, MX, HINFO, RP, AFSDB, RT, SIG, PX, NXT, NAPTR, KX,
   SRV, DNAME, and A6.

   This document specifies that for all other RR types (whether
   treated as unknown types or treated as known types according to an
   RR type definition RFC more recent than RFC TBD), the
   canonical form is such that no downcasing of embedded domain names
   takes place, and otherwise identical to the canonical form
   specified in RFC2535 section 8.1.

   Note that the owner name is always set to lower case according to the
   DNS rules for character comparisons, regardless of the RR type.

   The DNSSEC canonical RR ordering is as specified in RFC2535 section
   8.3, where the octet sequence is the canonical form as revised by this
   specification.


Would this text be acceptable?
-- 
Andreas Gustafsson, gson@nominum.com
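
The rule in the proposed section 7, sketched as an added example that is not part of the original message or the draft: RDATA of a type in the legacy set has its embedded names lower-cased, and RDATA of any other type passes through unchanged. The layout table is an assumption covering only a subset of the listed types, all function names are hypothetical, and 65280 in the test is a constructed private-use type number.

```python
# "n" = an uncompressed domain name; an integer = that many opaque octets.
LEGACY_LAYOUTS = {
    2: ["n"],            # NS
    5: ["n"],            # CNAME
    6: ["n", "n", 20],   # SOA: MNAME, RNAME, five 32-bit fields
    12: ["n"],           # PTR
    15: [2, "n"],        # MX: preference, exchange
    33: [6, "n"],        # SRV: priority, weight, port, target
}

def lower_ascii(b: bytes) -> bytes:
    # DNS comparison rules fold only ASCII A-Z; other octets are untouched.
    return bytes(c + 32 if 0x41 <= c <= 0x5A else c for c in b)

def downcase_name(wire: bytes, pos: int = 0):
    """Lower-case one uncompressed wire-format name; return (name, next_pos)."""
    out = bytearray()
    while True:
        if pos >= len(wire):
            raise ValueError("truncated name")
        length = wire[pos]
        if length & 0xC0:
            raise ValueError("not a plain label (pointer or extended type)")
        end = pos + 1 + length
        if end > len(wire):
            raise ValueError("truncated label")
        out.append(length)
        out += lower_ascii(wire[pos + 1:end])
        pos = end
        if length == 0:          # root label terminates the name
            return bytes(out), pos

def canonical_rdata(rrtype: int, rdata: bytes) -> bytes:
    layout = LEGACY_LAYOUTS.get(rrtype)
    if layout is None:
        return rdata             # unknown or newer type: no downcasing
    out, pos = bytearray(), 0
    for field in layout:
        if field == "n":
            name, pos = downcase_name(rdata, pos)
            out += name
        else:
            if pos + field > len(rdata):
                raise ValueError("truncated RDATA")
            out += rdata[pos:pos + field]
            pos += field
    if pos != len(rdata):
        raise ValueError("trailing octets in RDATA")
    return bytes(out)
```

A signer and a validator that disagree on whether a given type belongs in the table compute different octet sequences for mixed-case RDATA, so signatures over that RRset fail to verify.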
