Hi Paul,
and thanks for your review.
The requirements in Section 2 should be clearly stated as being appropriate
only for the authoritative name service. The last bullet says this, but the
first bullet says "MUST implement core DNS [RFC1035] and clarifications to
the DNS [RFC2181]." That could be interpreted as saying that the root name
service must follow all the rules of RFC 1035, not just those that apply to
authoritative name servers, and there are a bunch that should not be
required. Consider changing that sentence fragment to "MUST implement core
DNS [RFC1035] and clarifications to the DNS [RFC2181], as an authoritative
name service”.
I think this seems reasonable. Marc?
Another bullet in Section 2 may be problematic:
MUST generate checksums when sending UDP datagrams and MUST verify
checksums when receiving UDP datagrams containing a non-zero
checksum.
What happens if a root name server receives a UDP datagram with a bad
checksum? It fails verification, but then what? This sentence *might*
incorporate the following clarification, but I'm not sure if it actually
matches the intent.
MUST generate checksums when sending UDP datagrams, and MUST
ignore a received UDP datagram containing a non-zero checksum
when that checksum does not verify.
If that's not the intent, I'm not sure what "verify" means without a
follow-on action.
I would not like to specify protocol in this document. It would be best if one
of the referenced documents already said this, and we could simply add a
reference. Do they?
Jari
signature.asc
Description: Message signed with OpenPGP using GPGMail