aboutsummaryrefslogtreecommitdiff
path: root/rs_review_202204.txt
diff options
context:
space:
mode:
Diffstat (limited to 'rs_review_202204.txt')
-rw-r--r--rs_review_202204.txt28
1 files changed, 18 insertions, 10 deletions
diff --git a/rs_review_202204.txt b/rs_review_202204.txt
index 419dc0e..3b28856 100644
--- a/rs_review_202204.txt
+++ b/rs_review_202204.txt
@@ -33,8 +33,7 @@ Each definition might be more clear if the repetition of the term were omitted a
33 33
34In the "Name" definition, do you mean "applications MAY *require* that ... "? 34In the "Name" definition, do you mean "applications MAY *require* that ... "?
35 35
36===== I think we could also formulate it like that. But that would be a normative statement for the application 36===== I think we could also formulate it like that. But that would be a normative statement for the application as opposed to a normative statement what the GNS impl. should expect. => No change.
37as opposed to a normative statement what the GNS impl. should expect.
38 37
39Using "Zone type" as the term for cipher and encoding seemed strange to me, why not "Zone Representation" or something shorter? One or two examples before the terms, with text identifying the parts in the definition, would be helpful. 38Using "Zone type" as the term for cipher and encoding seemed strange to me, why not "Zone Representation" or something shorter? One or two examples before the terms, with text identifying the parts in the definition, would be helpful.
40 39
@@ -46,7 +45,7 @@ Sec 3, "cryptographically secured zones" is redundant, aren't all zones cryptogr
46 45
47Last sentence of first paragraph repeats the definition we just read. 46Last sentence of first paragraph repeats the definition we just read.
48 47
49===== I don't think so. 48===== Unable to find this issue in the text itself.
50 49
51Second para "A zone can be populated by its owner with ..." A clarification that the distributed storage isn't required by the protocol would be useful. 50Second para "A zone can be populated by its owner with ..." A clarification that the distributed storage isn't required by the protocol would be useful.
52 51
@@ -54,21 +53,23 @@ Second para "A zone can be populated by its owner with ..." A clarification that
54 53
55The text introducing figure 2 makes me think it's going to show all the flows for a recursive resolution, and it is rather a high-level view. 54The text introducing figure 2 makes me think it's going to show all the flows for a recursive resolution, and it is rather a high-level view.
56 55
57===== That is what the figure description sais and I think this is enough for an "Overview". 56===== That is what the figure description sais and I think this is enough for an "Overview".
58 57
59Sec 4, which user creates and manages zones? The Zone admin? The end-user? 58Sec 4, which user creates and manages zones? The Zone admin? The end-user?
60 59
61==== TODO 60==== Zone owners. Clarified.
62 61
63The forward ref to Section 5.1 should be before the list of algorithms in my opinion. 62The forward ref to Section 5.1 should be before the list of algorithms in my opinion.
64 63
65==== TODO. After first review I disagree as it refers to the functions which are introduced above. 64==== After review I disagree as it refers to the functions which are introduced above that text.
66 65
67Sec 4.1, maybe say "||" is the concatenation operator and that "[a..b]" is the semi-closed range from A to B-1 66Sec 4.1, maybe say "||" is the concatenation operator and that "[a..b]" is the semi-closed range from A to B-1
68 67
68==== Clarified the use of the operators.
69
69Sec 4.2, "strictly monotonically increasing order" I think monotonically is wrong. 70Sec 4.2, "strictly monotonically increasing order" I think monotonically is wrong.
70 71
71====== I am 95% sure that monotonically is correct when we talk about a function. Not sure about order. 72====== I am 99% sure that monotonically is correct and the important part.
72 73
73Sec 5, nice to block of IANA numbers for interop. Are timestamps in GNS always 64bit microsec since 1/1/1970? Maybe add a definition or something at the top? 74Sec 5, nice to block of IANA numbers for interop. Are timestamps in GNS always 64bit microsec since 1/1/1970? Maybe add a definition or something at the top?
74 75
@@ -82,18 +83,23 @@ Sec 5.1.1, the crypto heart starts to appear. ;) This all looks okay to me, and
82 83
83Sec 5.1.2, "highest 32 bytes" maybe "top-most"? Nit. SignDerived is clever. Consider asking CFRG to review the crypto in Sec 5. 84Sec 5.1.2, "highest 32 bytes" maybe "top-most"? Nit. SignDerived is clever. Consider asking CFRG to review the crypto in Sec 5.
84 85
86======= We could do that, but then again we had a review by djb already.
87
85Sec 5.2.1+5.2.2, have you thought of allowing multiple REDIRECT records to achieve some kind of load-balancing or other? 88Sec 5.2.1+5.2.2, have you thought of allowing multiple REDIRECT records to achieve some kind of load-balancing or other?
86 89
87======= Q: Maybe we want this? CNAME did not allow this, but it seems to be used in practice occasionally https://docstore.mik.ua/orelly/networking_2ndEd/dns/ch10_07.htm#dns4-CHP-10-SECT-7.1 90======= This is a CNAME-derivative. It seems that CNAMEs do not support this either: https://docstore.mik.ua/orelly/networking_2ndEd/dns/ch10_07.htm#dns4-CHP-10-SECT-7.1
88 91
89Sec 5.3.1, I would think TLS SNI value is also common for LEHO data. 92Sec 5.3.1, I would think TLS SNI value is also common for LEHO data.
90 93
94===== Added ref to RFC6066 SNI
95
91Sec 5.3.3, not unlike the new SVCB RR type? 96Sec 5.3.3, not unlike the new SVCB RR type?
92 97
98==== Yeah, bit is still draft status (?).
99
93Sec 6, is this whole storage strictly necessary for interop? You could split it off into a separate document. There's not enough here to implement the storage. What happens to resolution if the GET() fails? I assume that's discussed. 100Sec 6, is this whole storage strictly necessary for interop? You could split it off into a separate document. There's not enough here to implement the storage. What happens to resolution if the GET() fails? I assume that's discussed.
94 101
95======= FIXME: We may want to consider renaming Section 6 and/or move it into a subsection of Section 5 as we do not really define the storage here. 102======= Renamed section to "Record Encoding" in order to avoid storage confusion.
96======= Record Wire Format / Record Encoding
97 103
98Sec 7, the application filters record sets. Oh, that is *VERY* interesting. And that picture is starting to look familiar. Third time? 104Sec 7, the application filters record sets. Oh, that is *VERY* interesting. And that picture is starting to look familiar. Third time?
99 105
@@ -101,6 +107,8 @@ Sec 7.1+7.2+7.3 very nice, very clear, I could implement this (modulo the storag
101 107
102Sec 9.3 seems very important. Somewhere up near the front you should forward-link to it. And in the security considerations, backlink. 108Sec 9.3 seems very important. Somewhere up near the front you should forward-link to it. And in the security considerations, backlink.
103 109
110===== Added.
111
104Sec 9.4, it's difficult because it requires law enforcement, etc., to get the private key? Is that really so hard? https://xkcd.com/538/ 112Sec 9.4, it's difficult because it requires law enforcement, etc., to get the private key? Is that really so hard? https://xkcd.com/538/
105 113
106==== No, because of the user-centric design for delegations. TODO: Clarify again in text? 114==== No, because of the user-centric design for delegations. TODO: Clarify again in text?
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-16 12:12:56 +0000