
Last Call Review of draft-ietf-add-resolver-info-10
review-ietf-add-resolver-info-10-artart-lc-gulbrandsen-2024-02-27-00

Request: Review of draft-ietf-add-resolver-info
Requested revision: No specific revision (document currently at 13)
Type: Last Call Review
Team: ART Area Review Team (artart)
Deadline: 2024-02-29
Requested: 2024-02-15
Authors: Tirumaleswar Reddy.K, Mohamed Boucadair
I-D last updated: 2024-02-27
Completed reviews:
  Genart Last Call review of -11 by Mallory Knodel (diff)
  Dnsdir Last Call review of -10 by Jim Reid (diff)
  Artart Last Call review of -10 by Arnt Gulbrandsen (diff)
  Dnsdir Telechat review of -11 by Jim Reid (diff)
  Artart Telechat review of -11 by Arnt Gulbrandsen (diff)
  Dnsdir Early review of -02 by Johan Stenstam (diff)
  Dnsdir Telechat review of -11 by Jim Reid (diff)
Assignment:
  Reviewer: Arnt Gulbrandsen
  State: Completed
  Request: Last Call review on draft-ietf-add-resolver-info by ART Area Review Team (Assigned)
Posted at: https://mailarchive.ietf.org/arch/msg/art/tg4Ot6t1lLPpji_j8Ee4yDURurA
Reviewed revision: 10 (document currently at 13)
Result: Ready w/issues
Completed: 2024-02-27
Hi,

I am the assigned ART reviewer. FWIW I have some familiarity with the DNS 
generally, but this is the first time I've read this draft.

I think the draft is close to ready. Three points:

1. Section 3 says the domain resolver.arpa is used. The only example in the 
document uses a different domain, namely resolver.example.com. As I read 
it, the meaning is only really defined for resolver.arpa. Not sure what 
resolution I prefer here, but I would be happier if the first example were 
obviously compliant, and even happier if the document specifies what 
RESINFO means when returned for other domains. (Nothing, right?)

2. "For example, a DoT server may not want to host an HTTPS server" implies 
that the informational server is hosted by the resolver. I don't like that 
implication and suggest removing the sentence or (better) finding a 
different example.

3. The use of "validate" and "reputation" in the security considerations 
reminds me of RFC 1925 Truth 6. Please excuse my unkind choice of words: 
The paragraph sounds like a more polite version of "some attacker might 
find a way to attack this, but a reputation blackbox will fix that". 
Perhaps an explanation of the problem as you understand it helps. I 
certainly didn't understand the threat.

Arnt