[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Q22: Failure Mode for compressed names.

With reference to the DNSSECbis docset and based on the discussion
during IETF58, here is another little issue.

 Q22: Failure Mode for compressed names. 

      What should the failure mode be if compressed names are
      encountered in RRs other than the "well-known" RRs; Should the
      verifier be liberal or fail. (Remember compression is only
      allowd for "well known RRs, RFC3597 section 4 and RFC1123)

      The sense of the room at IETF58 that senders should not send RRs
      with compressed data and receivers should "not throw a fit".

      Since, in contrast to Q19, the canonicalization for the signer
      and the verifier are specified (records section 6.2) so the
      question is if the "robustness principle" should be specified at
      all?



Process:
      If you think that there should be language to specify how to
      apply the robustness principle for when RRs other than the "well
      known" RRs are compressed than please supply text to go into one
      of the DNSSECbis draft.

      Default action will be not to add recomendations about compression
      and decompression before sending or after receiving. 

      This issue will be evaluated Mon 8 Dec.


-- Olaf
   DNSEXT Co-Chair


---------------------------------| Olaf M. Kolkman
---------------------------------| RIPE NCC


--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>