[dns-operations] Validation direction (Was: Re: Org Dnskey TTL)

Joe Abley jabley at hopcount.ca
Tue Apr 20 14:53:13 UTC 2010


On 2010-04-20, at 10:43, Edward Lewis wrote:

> At 10:14 -0400 4/20/10, Joe Abley wrote:
> 
>> It had not actually occurred to me that anybody would think bottom-up was
>> a good idea.
> 
> Gulp!  That was the intention of the protocol design!!!

Perhaps context is necessary -- I'm talking about the impact on query patterns from validation, not any internal algorithm a validator might use to validate an answer. The thread began with pondering about the practical impact of low-TTL DNSKEY RRSets in ORG and wandered off into a corner to muse whether the impact would vary with the number of secure delegations from that zone.

In practical terms, given that in reality every validator sets DO=1 for every query and that resolution is always top-down following the initial priming query, it seems unnatural to think that query order would be anything other than top-down.

And to define my terms and make sure we're all holding the map the same way, as viewed by me the root is up and www.deep.down.in.the.namespace.away.from.the.root is down.


Joe


More information about the dns-operations mailing list