Closed mstojens closed 3 weeks ago
This doesn't necessarily break DNSSEC: if the DNS server also signed the zone, it can just sign the response, or, depending on how it's signed, you could just return NXDOMAIN and it could still be valid. So I don't agree with this.
There are definitely ways to make this work.. ;)
That assumes the server the client is authenticating to is also the owner of some zones, which I would hope is not generally true for security reasons (a single compromise gives zone ownership and client resolution control). That said, yes, that would allow the synthesis of distinct answer sets, all of which would pass DNSSEC validation. That is a specific scenario, though, that would need to be called out explicitly as an exception, because in the general case this is not possible (such as enterprises blocking forbidden names, many to most of which they will not own).
Let me ask something else: ignoring the DNSSEC nuance, do you want to keep the existing text to avoid narrowing down to resolve/refuse?
I just read the email. As long as the change doesn't prohibit someone from answering differently, I think I see the point now.
But I'm not sure "Refusing to resolve different names" captures this correctly either; I like the broader 'resolves differently' wording personally.
I agree. Until we hear objections, I prefer the more general messaging. We shouldn't try to identify all (or even any particular) use-cases in detail if we can avoid it.
On Oct 21, 2024, at 16:56, jdamick wrote:
but i'm not sure "Refusing to resolve different names" captures this correctly either, i like the broader 'resolves differently' wording personally.
I can see when I'm in the rough. Should the discussion gain traction on the list, feel free to disagree with me there; I believe in open list discussion even amongst co-authors.
"resolving differently" could mean resolving to something else (breaks DNSSEC and my heart) or to resolve or not to resolve (which is the question, with no regard for whether 'tis nobler in either direction).
This is in response to Stephen's response on the uta list.
@jdamick and @ableyjoe
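To make the DNSSEC point raised earlier in this thread concrete (a resolver that refuses versus one that answers differently for a zone it does not sign, versus a party that holds the zone key and re-signs its alternative answer), here is a toy model added as an example. It is not code from the draft, from this pull request, or from any of the participants; the zone name, address data, and the canonical-form helper are constructed, and a real RRSIG carries far more (key tag, signer name, validity window, NSEC/NSEC3 proofs for NXDOMAIN) than this Ed25519 signature over a canonical RRset.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"sort"
	"strings"
)

// RRset is a minimal resource record set (constructed toy type, not a DNS library type).
type RRset struct {
	Name  string
	Type  string
	RData []string
}

// SignedAnswer pairs an RRset with a toy RRSIG: an Ed25519 signature over its canonical form.
type SignedAnswer struct {
	RRset RRset
	RRSIG []byte
}

// canonical renders an RRset deterministically, standing in for DNSSEC canonical RR ordering.
func canonical(rr RRset) []byte {
	data := append([]string(nil), rr.RData...)
	sort.Strings(data)
	return []byte(strings.ToLower(rr.Name) + "|" + rr.Type + "|" + strings.Join(data, ","))
}

// Sign is what the zone owner, the holder of the zone key, does to an RRset.
func Sign(priv ed25519.PrivateKey, rr RRset) SignedAnswer {
	return SignedAnswer{RRset: rr, RRSIG: ed25519.Sign(priv, canonical(rr))}
}

// Validate is what a validating client does with its trust anchor for the zone.
func Validate(anchor ed25519.PublicKey, ans SignedAnswer) string {
	if ed25519.Verify(anchor, canonical(ans.RRset), ans.RRSIG) {
		return "secure"
	}
	return "bogus"
}

// Refuse models "refuse to resolve": the client gets an error code and no data,
// so there is nothing for DNSSEC validation to reject.
func Refuse(name string) string {
	return "REFUSED"
}

// RewriteWithoutKey models a resolver answering differently for a zone it does not own:
// it can change the RDATA, but the only signature it has is the original one.
func RewriteWithoutKey(orig SignedAnswer, newRData []string) SignedAnswer {
	alt := orig
	alt.RRset.RData = newRData
	return alt
}

// RewriteWithKey models the exception discussed in the thread: the answering party also
// holds the zone key, so its different answer carries a fresh, valid signature.
func RewriteWithKey(priv ed25519.PrivateKey, orig SignedAnswer, newRData []string) SignedAnswer {
	alt := orig.RRset
	alt.RData = newRData
	return Sign(priv, alt)
}

// Scenario runs the cases above against one freshly generated zone key and
// returns the outcome the validating client observes for each.
func Scenario() map[string]string {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	orig := Sign(priv, RRset{Name: "www.example.test.", Type: "A", RData: []string{"192.0.2.10"}})
	out := map[string]string{}
	out["original"] = Validate(pub, orig)
	out["refuse"] = Refuse("www.example.test.")
	out["rewrite-without-key"] = Validate(pub, RewriteWithoutKey(orig, []string{"192.0.2.99"}))
	out["rewrite-with-key"] = Validate(pub, RewriteWithKey(priv, orig, []string{"192.0.2.99"}))
	return out
}

func main() {
	for _, k := range []string{"original", "refuse", "rewrite-without-key", "rewrite-with-key"} {
		fmt.Printf("%-22s %s\n", k, Scenario()[k])
	}
}
```

The four outcomes are the substance of the wording debate: refusing yields an error rather than bogus data, answering differently without the zone key yields a bogus result at any validating client, and answering differently with the zone key validates, which is why the thread treats that last case as an exception that would need to be called out.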