Skip to main content

Last Call Review of draft-ietf-dnsop-7706bis-07
review-ietf-dnsop-7706bis-07-secdir-lc-dunbar-2020-02-24-00

Request Review of draft-ietf-dnsop-7706bis
Requested revision No specific revision (document currently at 12)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2020-02-28
Requested 2020-02-14
Authors Warren "Ace" Kumari , Paul E. Hoffman
Draft last updated 2020-02-24
Completed reviews Opsdir Last Call review of -07 by Jouni Korhonen (diff)
Secdir Last Call review of -07 by Linda Dunbar (diff)
Genart Last Call review of -07 by Ines Robles (diff)
Assignment Reviewer Linda Dunbar
State Completed
Review review-ietf-dnsop-7706bis-07-secdir-lc-dunbar-2020-02-24
Posted at https://mailarchive.ietf.org/arch/msg/secdir/0jM9fwmgpN5PfDzi4fY8IcZ2m_c
Reviewed revision 07 (document currently at 12)
Result Has Nits
Completed 2020-02-24
review-ietf-dnsop-7706bis-07-secdir-lc-dunbar-2020-02-24-00
Reviewer: Linda Dunbar
Review result: Ready with questions

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
 Document editors and WG chairs should treat these comments just like any other
last call comments.

The Abstract of  This document claims that this document shows how to start and
maintain  a copy of the root zone in the Recursive Resolvers so that the
Resolvers don't need to send query to  another node. Two questions: - What if
the node is not authorized to have the entire records? It would desirable for
the Resolvers to have all the records of the root zone. Is there any scenario
that the Resolvers simply cannot get all the records of the root zone?

-  How to detect if any records stored in the Resolver are STALE?

Page 3, last sentence of the 3rd paragraph:  is it a typo? or miss a verb?
"... it would all responses from a remote root server"

Cheers,

Linda Dunbar