[dns-operations] Reporting glue as authoritive data -- Bug!

Mark Andrews Mark_Andrews at isc.org
Mon Jan 28 09:45:35 UTC 2008


> 
> --LQksG6bCIzRHxTLp
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> 
> On Fri, Jan 25, 2008 at 01:51:52PM -0500,
>  Matt Larson <mlarson at verisign.com> wrote 
>  a message of 11 lines which said:
> 
> > > BIND9 does what the RFC says,
> > 
> > Chapter and verse, please.  
> 
> IMHO, this is RFC 1034, section 4.3.2. It says "If a match would take
> us out of the authoritative data, we have a referral. [...] Put

	Glue is not authoritative data.  NS records at the bottom
	of zone are not autoritative data.  RFC 1034 and RFC 1035
	are internally consistant about this.

> whatever addresses are available into the additional section, using
> glue RRs if the addresses are not available from authoritative data or
> the cache." In the example given ('dig @f.gtld-servers.net A
> ns1.crsnic.net.') we are "out of the authoritative data".
> 
> I agree that RFC 1034, 3.7 says "Answer [section] Carries RRs which
> directly answer the query." introduces ambiguity since, in the example
> given, the A record directly answers a query.

	A parent doesn't have *answers* which directly answer the question
	unless they exist in the cache.
 
> Work for the IETF "DNS extensions" working group, which is currently
> busy on a "profile" RFC? (See the attached message.)
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org



More information about the dns-operations mailing list