Skip to main content

Early Review of draft-ietf-dnsop-ns-revalidation-04
review-ietf-dnsop-ns-revalidation-04-dnsdir-early-gieben-2023-07-30-00

Request Review of draft-ietf-dnsop-ns-revalidation
Requested revision No specific revision (document currently at 07)
Type Early Review
Team DNS Directorate (dnsdir)
Deadline 2023-07-31
Requested 2023-07-04
Requested by Tim Wicinski
Authors Shumon Huque , Paul A. Vixie , Willem Toorop
I-D last updated 2023-07-30
Completed reviews Dnsdir Early review of -04 by R. (Miek) Gieben (diff)
Assignment Reviewer R. (Miek) Gieben
State Completed
Request Early review on draft-ietf-dnsop-ns-revalidation by DNS Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/dnsdir/SC9XLHtZ7KKNt48MNuIMUTZ7NTM
Reviewed revision 04 (document currently at 07)
Result On the right track
Completed 2023-07-30
review-ietf-dnsop-ns-revalidation-04-dnsdir-early-gieben-2023-07-30-00
Hi all,

This is the dnsdir (early) review for
https://datatracker.ietf.org/doc/draft-ietf-dnsop-ns-revalidation/ version 04.

I've found the document clear in explaining why "Upgrading NS RRset
Credibility" and "Delegation Revalidation" are needed.

However when reading Section 3, I feel that this is an explanation of an
algorithm and should use RFC 2119 keywords and be more precise. One of the main
things I would like to see some text about is what if you _do_ get a response
from the child that does have NS records in the auth section? Have you then
sent the validation queries for nothing? Or is this indented for intermediate
nameservers (only)?

To a lesser extent this also hold true for Section 4, but algorithm is some
what simpler there.

The Security Considerations section reads a bit like a mini summery of the
document because it duplicates things from Section 2 (Motivation). I think the
entire text from Section 6 could be folded into Section 2 (and insofar it's not
already in there). Or say something like "this entire document deals with the
security of .....".

Small nit: section 3 currently is just a set of bullet points which looks a bit
odd.

Kind regards,
Miek