Re: Q1 followup - arguments against "MUST NOT" language



> Mark.Andrews@isc.org writes:
> > 	The MUST NOT is to prevent the case of the letters in the label
> > 	being changed and thereby causing signature comparison to fail.
> 
> No, the canonicalization specified in RFC2535 section 8.1 (and revised
> in unknown-rrs section 7) will keep that from happening.
> 
> The real problem is that the record would be corrupted by servers that
> attempt to treat it transparently, as I just explained in my message
> to Edward Lewis.
> -- 
> Andreas Gustafsson, gson@nominum.com

	There are multiple issues.

	With old clients that don't understand the RR format you have to
	preserve case and not compress.  This allows the records
	to be treated as an opaque blob for cache and verification.

	With new clients that understand the RR format you still
	have to preserve the case but you could, if you wanted to provide
	signaling to the server, use a compression pointer if
	the suffix pointed to had the *same* case as the original
	suffix.  The records in this case are not treated as
	opaque blobs and verification works.

	The requirement is that the case be preserved.  How you achieve
	that is a secondary matter.  Outlawing compression is one
	way.

	Mark

--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews@isc.org
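
The case-preservation point in the message above, as an added example that is not part of the original message or of any DNS implementation. All helper names are hypothetical, the names are constructed, and the compressor only tries to point at the whole owner name stored at offset 0.

```python
# Added illustration with constructed names; helper names are hypothetical.

def encode_name(name):
    """Uncompressed DNS wire form of a dotted name, case kept as given."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def read_name(msg, off):
    """Expand the name at msg[off], following compression pointers."""
    out, hops = b"", 0
    while msg[off] != 0:
        n = msg[off]
        if n & 0xC0 == 0xC0:                      # two-byte pointer
            off = ((n & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        out += msg[off:off + 1 + n]               # length byte + label, case as stored
        off += 1 + n
    return out + b"\x00"

def compress_against(msg, target_off, name, case_sensitive):
    """Encode name, pointing at the name stored at target_off when a suffix matches."""
    labels = name.rstrip(".").split(".")
    target = read_name(msg, target_off)
    for i in range(len(labels)):
        suffix = encode_name(".".join(labels[i:]))
        if case_sensitive:
            same = suffix == target
        else:
            same = suffix.lower() == target.lower()
        if same:
            head = encode_name(".".join(labels[:i]))[:-1] if i else b""
            return head + bytes([0xC0 | (target_off >> 8), target_off & 0xFF])
    return encode_name(name)                      # no usable suffix: send uncompressed

def roundtrip(owner, rdata_name, case_sensitive):
    """Return (name a receiver reconstructs from RDATA, RDATA length on the wire)."""
    msg = encode_name(owner)                      # owner name sits at offset 0
    rdata = compress_against(msg, 0, rdata_name, case_sensitive)
    return read_name(msg + rdata, len(msg)), len(rdata)

if __name__ == "__main__":
    original = encode_name("ns.Example.COM")
    for owner, cs in (("example.com", False), ("example.com", True), ("Example.COM", True)):
        got, size = roundtrip(owner, "ns.Example.COM", cs)
        print(owner, "case-sensitive" if cs else "case-insensitive", size, got == original)
```

Only the case-insensitive match against a differently cased owner name changes the bytes a receiver reconstructs, which is the case where a byte-for-byte comparison of the record would fail.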
