[DNSfirewalls] Fwd: New Version Notification for draft-vixie-dns-rpz-00.txt

Anne Bennett anne at encs.concordia.ca
Tue Oct 11 21:36:03 UTC 2016



> vernon and i would appreciate feedback from close reading by operators 
> and implementers of rpz-as-it-exists-today. 

> Htmlized:       https://tools.ietf.org/html/draft-vixie-dns-rpz-00


2.  Zone Format

  "can be transferred between servers DNS"
  should be
  "can be transferred between DNS servers"

4.  Policy Triggers

  "and answer truthfull requests from a client at 2001:2::3"
  should be
  "and give truthful answers to requests from a client at 2001:2::3"

  "use whatever NS RRsets that are in their caches"
  should be
  "use whatever NS RRsets are in their caches"
  or
  "use the NS RRsets that are in their caches"

  "all of the IP address for all the named servers"
  should be
  "all of the IP addresses for all the named servers"

  "use whatever A or AAAA RRsets that are in their caches"
  should be
  "use whatever A or AAAA RRsets are in their caches"
  or
  "use the A or AAAA RRsets that are in their caches"

  "imaginitive"
  should be
  "imaginative"

5.  Subscriber Behavior

  "They can only be searched in a recursive server's own storage"
  should be
  "They can be searched only in a recursive server's own storage"

  "By default, policies are applied only [...] for which no DNSSEC
  metadata exists."
  add:
  "This default can be overridden; see section 9 below."

  I don't understand what you mean by "smallest name" and
  "smallest IP address".  Perhaps an example would help?


So far, clear and well written!  I'll continue reading at section 6
tomorrow...


Anne.
-- 
Ms. Anne Bennett, Senior Sysadmin, ENCS, Concordia University, Montreal H3G 1M8
anne at encs.concordia.ca                                    +1 514 848-2424 x2285

