In message <6.2.5.6.2.20130504095840.0d4a98d8@xxxxxxxxxxxx>, S Moonesamy writes: > Hi Doug, > At 16:19 03-05-2013, Doug Barton wrote: > >I am not saying that the WG members (or chairs) should be given the > >wet-noodle treatment over having reached a bad decision, but what is > >cross-area review for if not to catch cases where the WG echo > >chamber/tunnel vision/what have you -- resulted in a bad outcome? > > I'll try explain the problem as I saw it. > > (a) You should have both X and Y > > (b) You must have either X or Y > > (c) If you have X and Y they must be identical > > (d) I can ask you for either X or Y, or for both X and Y > > Regards, > S. Moonesamy > The DNS does not guarentee that the result of 2 consecutive queries for the same data will be the same even to the same server (cache or authoritative). RFC 4408 says that *data* MUST be the same if both records are present in the zone. It the operator breaks that MUST then you get inconsistent results. Note this is no different to changing the contents of the record. You will get inconsistent result while the record are in transition. For the client side you assume the MUST is being honoured as there is no way (other than to ask a * query directly to the authoritative servers) to check that this is so. You take the first result which returns *data* and use it. This was never a real problem. Not all MUSTs need to be checked. Note DNSSEC also has MUSTs about what the server side need to do which the client side cannot check. This is the nature of DNS. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@xxxxxxx