At 13:42 20-05-2014, The IESG wrote:
The IESG has received a request from the Internet Architecture Board
(iab) to consider the following document:
- 'DNS Root Name Service Protocol and Deployment Requirements'
<draft-iab-2870bis-01.txt> as Best Current Practice
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@xxxxxxxx mailing lists by 2014-06-20. Exceptionally, comments may be
In Section 1:
"The operational requirements are defined in [RSSAC-001]."
There isn't any document about Service Expectations at
http://www.icann.org/en/groups/rssac According to a message posted a
few months ago c.root-servers.net is not reachable on 2001:500:2::c
from one network. Section 3 of the draft mentions that the root name
service must answer queries from any entity with a valid IP
address. Could the authors comment about this deployment issue? An
old output of a traceroute is provided below:
Route to IPv6 node 2001:500:2::c
1 25 ms 25 ms 24 ms 2001:470:0:286::1
2 82 ms 41 ms 50 ms 2001:470:0:270::2
3 51 ms 48 ms 50 ms 2001:470:0:240::1
4 74 ms 102 ms 72 ms 2001:470:0:1b4::1
5 75 ms 74 ms 74 ms 2001:470:0:32::2
6 * * * ?
RFC 6891 is currently listed as an Internet Standard. It is not part
of the protocol requirements specified in Section 2.
During an unrelated discussion with the IESG it was pointed out that
a document could not be reclassified as Historic if the the IETF
still believes in what that document says. The draft mentions that
it reclassifies RFC 2870 without providing any reason.
My reading of "modern Internet" refers to the present
Internet. Wouldn't it be better to explain to the reader that the
operational requirements are defined by RSSAC instead of arguing that
it makes more sense to have protocol and some deployment requirements
in this draft? Operational requirements usually affect
deployment. Section 2 looks more like implementation or operational
requirements instead of protocol requirements. A fix could be to
change the title of the draft to "Requirements for DNS Root Name
Service". Section 2 could discuss about the Root Name Service end
while Section 3 could discuss about the Internet Host end.
In Section 2:
"MUST support IPv4[RFC0791] and IPv6[RFC2460] transport of DNS
queries and responses."
The following are reponses from some of the Root servers:
; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11395
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;b.root-servers.net. IN AAAA
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34834
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;e.root-servers.net. IN AAAA
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35019
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;g.root-servers.net. IN AAAA
The above-mentioned name servers do not support IPv6.
According to the Abstract:
"The DNS Root Name service is a critical part of the Internet architecture."
It's odd to specify an optional functionality in Section 3 for a
"critical part of the Internet architecture".
I'll note that there will no longer be an IETF document with the
following requirement:
"The root zone MUST be signed by the Internet Assigned Numbers
Authority (IANA) in accordance with DNSSEC"
Regards,
S. Moonesamy