enygren
commented
4 years ago What about using SHOULD NOT instead?
Closed enygren closed 4 years ago
enygren
commented
4 years ago What about using SHOULD NOT instead?
enygren
commented
4 years ago How's the change in #224?
bemasc
commented
4 years ago All this does is force vendors to write additional code to detect this one sub-case of a loop.
I don't think this requirement binds BIND. It's a requirement on the zone owner. The user MUST comply; the software MAY enforce compliance.
marka63
commented
4 years ago All this does is force vendors to write additional code to detect this one sub-case of a loop.
I don't think this requirement binds BIND. It's a requirement on the zone owner. The user MUST comply; the software MAY enforce compliance.
Well the way it is now, zone loading tools would need to check. Anything a operator is required to do really needs to be checked by the zone parsing tools, because operators don't generally read RFCs. Additionally it also adds requirements on UPDATE, either the tool sending the update and/or the server processing the update.
marka63
commented
4 years ago We are in this place today because STD 13's instructions to not allow CNAME with other data where not uniformly enforced.
From @marka63:
Section 2.4.1. AliasMode paragraph 2. Why have "MUST NOT" here?
The primary purpose of AliasMode is to allow aliasing at the zone apex, where CNAME is not allowed. In AliasMode, TargetName MUST be the name of a domain that has SVCB, AAAA, or A records. It MUST NOT be equal to the owner name, as this would cause a loop.
Nameservers and clients need to detect loops regardless of the number of records that form the loop. All this does is force vendors to write additional code to detect this one sub-case of a loop. These are also the only RR types that need to have their owner names available to parse them.