[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[dnsext] A contradiction in RFC 5155
- To: namedroppers@ops.ietf.org
- Subject: [dnsext] A contradiction in RFC 5155
- From: "Roy Arends" <roy@nominet.org.uk>
- Date: Mon, 17 Nov 2008 16:57:47 -0600
- Domainkey-signature: s=main.dk.nominet.selector; d=nominet.org.uk; c=nofws; q=dns; h=X-IronPort-AV:Received:To:Subject:MIME-Version:X-Mailer: Message-ID:From:Date:X-MIMETrack:Content-Type; b=ZMLO0uM+U088bP53YiWnhviIG05u2g5sHQzAto4FHE9chIWQQN0d3F+c cQMGnmW3SzGxYHOhHRsrlXwFiVJaw4cOYikskEadWSwlnzd40SMj3LkSo qPokktm82G9ruy5;
Dear DNSEXT WG,
During an NSEC3 interoperability test we found a contradiction in RFC
5155:
A NSEC3 record, that matches an Empty Non-Terminal, effectively has no
type associated with it. This NSEC3 record has an empty type bit map.
Section 3.2.1 contains the statement:
Blocks with no types present MUST NOT be included.
However, the same section contains a regular expression:
Type Bit Maps Field = ( Window Block # | Bitmap Length | Bitmap )+
The plus sign in the regular expression indicates that there is one or
more of the preceding element. This means that there must be at least one
window block. If this window block has no types, it contradicts with the
first statement. Therefore, the correct text in RFC 5155 3.2.1 should be:
Type Bit Maps Field = ( Window Block # | Bitmap Length | Bitmap )*
I suggest we add this to dnssec-bis updates (
draft-ietf-dnsext-dnssec-bis-updates-07), and we get this one character
error in RFC5155 ERRATA posted on the rfc-editors site.
If the suggested change is not satisfactory, I want better text by
November 26th. At that point I'll brief the RFC editor and ask the chairs
and the dnssec-bis editors to add it to dnssec-bis updates.
With Kind Regards,
Roy Arends
Senior Researcher
Nominet UK
--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>