Re: axfr-clarify supporting unauthorized users
> "D. J. Bernstein" wrote:
>
> > Mark.Andrews@isc.org writes:
> >
> > > > Of course, there's also no support in RFC 1034 for your strange claim
> > > > that a closed connection is not ``an error.''
> > > Closing a connection is not sending back an error message.
> >
> > On the contrary. I agree that FIN is, in this context, not a
> > particularly _informative_ error message, but REFUSED and SERVFAIL
> > aren't particularly informative either; they carry only marginally more
> > information than FIN.
>
> I'd just like to point out that, even if RCODE=REFUSED is rather non-informative
> *today*, at least it's more informative than TCP FIN, and also, it has room to
> grow to be more informative in potential revisions of the DNS protocol. Something
> could be put in an OPT record, for instance, detailing the error condition
> further, extended flags could be used, or a whole new RR type could be created
> dedicated to error reporting. TCP FIN forecloses such possibilities and is
> basically an evolutionary dead-end for the protocol.
It's already happened. NOTAUTH is returned when the server
is not configured for the zone rather than REFUSED from the
RFC 1034 days.
>
> - Kevin
>
>
>
> --
> to unsubscribe send a message to namedroppers-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://ops.ietf.org/lists/namedroppers/>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews@isc.org
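
An added example, not part of the original thread: a client-side sketch of the distinction argued above, showing what a requester learns when an AXFR attempt over TCP ends in a bare close versus a reply carrying an RCODE such as REFUSED or NOTAUTH. The function names and the sample bytes are constructed for illustration.

```python
import struct

# RCODE values carried in the low 4 bits of the DNS header flags word.
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN",
          4: "NOTIMP", 5: "REFUSED", 9: "NOTAUTH"}


def classify_axfr_reply(stream: bytes) -> str:
    """Classify the bytes a client read from the TCP connection before EOF."""
    if not stream:
        # The server closed the connection without sending anything.
        return "closed: no DNS message (FIN only)"
    if len(stream) < 2:
        return "closed: truncated length prefix"
    # DNS over TCP prefixes each message with a 2-byte big-endian length.
    (length,) = struct.unpack("!H", stream[:2])
    msg = stream[2:2 + length]
    if length < 12 or len(msg) < length:
        return "closed: truncated DNS message"
    _ident, flags = struct.unpack("!HH", msg[:4])
    if not flags & 0x8000:
        return "malformed: QR bit not set"
    rcode = flags & 0x000F
    return "rcode: " + RCODES.get(rcode, f"RCODE{rcode}")


def make_reply(ident: int, rcode: int) -> bytes:
    """Build a constructed header-only response (QR=1, all counts zero)."""
    header = struct.pack("!HHHHHH", ident, 0x8000 | rcode, 0, 0, 0, 0)
    return struct.pack("!H", len(header)) + header


if __name__ == "__main__":
    samples = {
        "bare close": b"",
        "REFUSED": make_reply(0x1234, 5),
        "NOTAUTH": make_reply(0x1234, 9),
        "cut mid-message": make_reply(0x1234, 5)[:8],
    }
    for name, data in samples.items():
        print(f"{name:16} -> {classify_axfr_reply(data)}")
```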