IETF Last Call Review of draft-ietf-dnsop-3901bis-09
review-ietf-dnsop-3901bis-09-opsdir-lc-guo-2025-12-23-00

Impression: Has Nits

I have been selected as the OPSDIR reviewer for this I-D. While I am not a DNS
expert, I have reviewed the document carefully. My impression is that the draft
is technically sound and well written, and I believe it is ready for
publication. Nevertheless, I have identified a few minor nits and small issues
that I recommend addressing prior to the draft proceeding to final publication.

Nits:

s/recrusive/recursive/

s/...from resolving for clients.../...from being resolved for clients.../

s/If the name from an NS RR for a zone is sibling domain/If the name from an NS
RR for a zone is (in?) sibling domain/

Minor issues

Section 4.1, "Guidelines for Authoritative DNS Server Configuration", first
states that “It is usually recommended that DNS zones contain at least two name
servers,” and that “it is RECOMMENDED that at least two name servers for a zone
are dual-stack name servers.” However, the following discussion on IPv4 and
IPv6 adoption states that “Every DNS zone SHOULD be served by at least one
IPv4-reachable(or IPv6-reacheable) authoritative DNS server to maintain name
space continuity.” These above statements appear somewhat contradictory. I'd
tend to think that the first recommendation describes the ideal configuration,
while the latter is a minimum requirement? It may be helpful to clarify this
explicitly in the text to avoid confusion.