In the DNS, QDCOUNT is (usually) One
draft-ietf-dnsop-qdcount-is-one-04
Yes
Erik Kline
John Scudder
Paul Wouters
Warren Kumari
No Objection
Deb Cooley
Francesca Palombini
Jim Guichard
Orie Steele
Zaheduzzaman Sarker
Note: This ballot was opened for revision 03 and is now closed.
Erik Kline
Yes
John Scudder
Yes
Paul Wouters
Yes
Warren Kumari
Yes
Éric Vyncke
Yes
Comment
(2024-06-17 for -03)
Sent
# Éric Vyncke, INT AD, comments for draft-ietf-dnsop-qdcount-is-one-03

Thank you for the work put into this document.

Please find below some non-blocking COMMENT points (but replies would be appreciated even if only for my own education), and some nits.

Special thanks to Suzanne Woolf for the shepherd's detailed write-up including the WG consensus *and* the justification of the intended status.

I hope that this review helps to improve the document,

Regards,

-éric

# COMMENTS (non-blocking)

## Meta data

As noted by Roman and the idnits, please use only numbers in the "Updates" tag.

## Section 1

It is somehow ambiguous who are the "we" often used in this section: is it the authors? the WG? the IETF? Using passive voice (or alternatives) would avoid this ambiguity.

## Appendix A.1

Suggest adding a reference to BCP14 in `normative requirements keyword`

# NITS (non-blocking / cosmetic)

## Generic

The repetition of `OPCODE = 0 (QUERY)` is an eye distraction, please consider using only "QUERY" after the first occurrence.

## Section 1

s/Question Section of a message/Question Section of a DNS message/ ?
Deb Cooley
No Objection
Francesca Palombini
No Objection
Jim Guichard
No Objection
Mahesh Jethanandani
No Objection
Comment
(2024-06-18 for -03)
Sent
Section 3, paragraph 1

> A brief summary of the guidance provided in the existing DNS
> specification for the use of QDCOUNT can be found in Appendix A.
> While the specification is clear in many cases, in the specific case
> of OPCODE = 0 (QUERY) there is some ambiguity which this document
> aims to eliminate.

By "existing DNS specification" do you mean RFC1035? Please state so.
Murray Kucherawy
No Objection
Comment
(2024-06-19 for -03)
Sent
Thanks to Barry Leiba for his ARTART review.
Orie Steele
No Objection
Roman Danyliw
No Objection
Comment
(2024-06-16 for -03)
Sent
** idnits says

== The 'Updates: ' line in the draft header should list only the _numbers_ of the RFCs which will be updated by this document (if approved); it should not include the word 'RFC' in the list.

** Section 4.

   Firewalls that process DNS messages in order to eliminate unwanted traffic SHOULD treat messages with OPCODE = 0 and QDCOUNT > 1 as malformed traffic and return a FORMERR response as described above. Such firewalls MUST NOT treat messages with OPCODE = 0 and QDCOUNT = 0 as malformed. See Section 4 of [RFC8906] for further guidance.

(Editorial) Should the term “firewall” be generalized to “middle box” (or something similar)? I ask because I’m wondering if DNS proxies, UTMs, or IPSs should also follow this advice?
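The Section 4 guidance quoted in the comment above, sketched as a header check a DNS-aware middlebox could apply. This is an added example, not code from the draft or from any ballot participant. The function names, the header-only FORMERR reply layout, and the choice to drop short messages and malformed responses without replying are assumptions.

```python
import struct

FORMERR = 1  # RCODE 1 (Format Error, RFC 1035)

def question(name: str, qtype: int = 1, qclass: int = 1) -> bytes:
    """Encode one Question Section entry (constructed sample data)."""
    labels = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return labels + b"\x00" + struct.pack("!2H", qtype, qclass)

def message(ident: int, flags: int, questions: list) -> bytes:
    """Build a DNS message holding only a header and a Question Section."""
    return struct.pack("!6H", ident, flags, len(questions), 0, 0, 0) + b"".join(questions)

def classify(msg: bytes) -> str:
    """Return 'pass', 'formerr' or 'drop' for one raw DNS message."""
    if len(msg) < 12:
        return "drop"  # assumption: no usable header, so nothing to answer
    _ident, flags, qdcount = struct.unpack("!3H", msg[:6])
    is_response = bool(flags & 0x8000)
    opcode = (flags >> 11) & 0xF
    if opcode != 0 or qdcount <= 1:
        # Other opcodes are outside this rule; QDCOUNT 0 and 1 are not malformed.
        return "pass"
    # Assumption: answer queries with FORMERR, never reply to a malformed response.
    return "drop" if is_response else "formerr"

def formerr_response(query: bytes) -> bytes:
    """Header-only FORMERR reply: same ID, QR=1, OPCODE and RD copied (assumed layout)."""
    ident, flags = struct.unpack("!2H", query[:4])
    reply_flags = 0x8000 | (flags & 0x7800) | (flags & 0x0100) | FORMERR
    return struct.pack("!6H", ident, reply_flags, 0, 0, 0, 0)

# Constructed sample messages, all with OPCODE = 0 and RD set.
SAMPLES = {
    "one question": message(0x1234, 0x0100, [question("example.com")]),
    "no question": message(0x1235, 0x0100, []),
    "two questions": message(0x1236, 0x0100,
                             [question("example.com"), question("example.net")]),
    "two-question response": message(0x1237, 0x8100, [question("example.com")] * 2),
}

if __name__ == "__main__":
    for label, msg in SAMPLES.items():
        verdict = classify(msg)
        print(f"{label:24} -> {verdict}")
        if verdict == "formerr":
            print("   reply:", formerr_response(msg).hex())
```

The check reads only the fixed 12-byte header, so it makes its decision without parsing the Question Section of a message it is about to reject.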
Zaheduzzaman Sarker
No Objection