Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Last Call Review of draft-ietf-masque-connect-ip-08
review-ietf-masque-connect-ip-08-dnsdir-lc-gieben-2023-03-12-00

Versions:

Request	Review of	draft-ietf-masque-connect-ip
	Requested revision	No specific revision (document currently at 13)
	Type	Last Call Review
	Team	DNS Directorate (dnsdir)
	Deadline	2023-03-15
	Requested	2023-03-01
	Requested by	Éric Vyncke
	Authors	Tommy Pauly , David Schinazi , Alex Chernyakhovsky , Mirja Kühlewind , Magnus Westerlund
	I-D last updated	2023-03-12
	Completed reviews	Dnsdir Telechat review of -09 by R. (Miek) Gieben (diff) Intdir Early review of -07 by Timothy Winters (diff) Dnsdir Last Call review of -08 by R. (Miek) Gieben (diff) Genart Last Call review of -08 by Vijay K. Gurbani (diff) Artart Last Call review of -08 by Jean Mahoney (diff) Tsvart Last Call review of -08 by Bob Briscoe (diff) Secdir Last Call review of -09 by Nancy Cam-Winget (diff) Opsdir Last Call review of -08 by Linda Dunbar (diff) Intdir Telechat review of -09 by Timothy Winters (diff) Httpdir Telechat review of -08 by Mark Nottingham (diff) Intdir Telechat review of -10 by Dr. Joseph D. Touch (diff) Dnsdir Telechat review of -09 by R. (Miek) Gieben (diff)
Assignment	Reviewer	R. (Miek) Gieben
	State	Completed
	Request	Last Call review on draft-ietf-masque-connect-ip by DNS Directorate Assigned
	Posted at	https://mailarchive.ietf.org/arch/msg/dnsdir/XNo3mpP0R0ib5kRdWE4GNjGz5MI
	Reviewed revision	08 (document currently at 13)
	Result	Ready w/issues
	Completed	2023-03-12

review-ietf-masque-connect-ip-08-dnsdir-lc-gieben-2023-03-12-00

Hello, I've reviewed draft-ietf-masque-connect-ip specifically for DNS issues.
This is mostly contained in a single section: 4.1: IP Proxy Handling.

In that section a two questions popped up when the 'target' variable is a DNS
name and the IP proxy must then perform a DNS lookup:

- Should the IP proxy care about the TTL of the looked up name? I.e. is it OK
if the TTL expires? Potentially the DNS name can then point to a different IP
address? - Should the IP Proxy do a DNSSEC lookup or a plain DNS lookup? Should
this be configurable or can the IP proxy just not care?

Regards,
Miek

Last Call Review of draft-ietf-masque-connect-ip-08 review-ietf-masque-connect-ip-08-dnsdir-lc-gieben-2023-03-12-00

Last Call Review of draft-ietf-masque-connect-ip-08
review-ietf-masque-connect-ip-08-dnsdir-lc-gieben-2023-03-12-00