[net-dns-users] SOA rname as mailbox

Willem Toorop willem at nlnetlabs.nl
Tue May 26 10:34:14 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Please!

We *are* listening to this list!  We will always post a release
candidate before doing an actual release to this list for review.

Before we also did release candidates, only not via the list, but via
developers releases on CPAN and via the website.  This did (obviously)
not give us the desired feedback, so I have tried to inventory all
developers of packages using Net::DNS and invited them personally to
this list to improve on this situation.  Another step we have done to
improve is that we release far more often and with smaller changes
then before.

Net::DNS might never have given the lower level controls you needed
for zonemaster.  Before it might have given the (wrong) impression
that it did though.  For example with the writeable section counters
in the header that were silently ignored.

ldns also has an intermediate (interpreted) host format b.t.w., though
its rdata field structures are closer to the wire-format data than
those of Net::DNS yes.  If you really want more finer-grained control
to lower-level DNS, at the wire format, but also at the network and
I/O level, you might give getdns a go; though perl bindings are still
in the make.

Debugging DNS is not the only use case for Net::DNS.  There are also
many application that use Net::DNS not to debug DNS, but to get to
specific records and to do DNSSEC validation at the application level.

The SOA->rname change has been a mistake because it broke previous
behaviour.  At the time I deemed it a minor issue and safe because the
returned value was an parsed and formatted one anyway; and it did not
affect the reading and writing of presentation format.  We will make
sure to never break this way again or at least communicate very clear
and loudly about it on this list beforehand.   We will listen and act
on objections from the list.  The list was created for this very purpose.

- -- Willem

Op 26-05-15 om 11:15 schreef Einar Lönn:
> Also considering that basically every single user on this list
> wants a tool that can be used to debug DNS and not a fancy tool
> that does all the work for you I’m a bit sad that you let pride
> guide the project instead of actual user needs and requests. I dont
> think anyone, not one single user, has requested or wanted this
> change and when we (the users) try and tell you so you basically
> tell us how wrong we are.
> 
> It’s tiresome to have Net::DNS version ranges in our code and it’s
> even more tiresome when the maintainer(s) try and justify these
> changes. We created Net::LDNS for our new projects as we didnt like
> this user-unfriendly approach.
> 
> /Regards, Einar
> 
> On 25 May 2015, at 20:33, Chris Buxton <clists at buxtonfamily.us>
> wrote:
> 
>> Dick,
>> 
>> Let me pose this question: This field of the SOA record is
>> informational, and often (in the real world) doesn't lead to an
>> actual functioning email address. When dealing with DNS records,
>> how often does a script actually need this value in email address
>> format? Compare that with the frequency of needing this in DNS
>> domain name format, the way it is represented in DNS messages. I
>> believe you will find that the latter need is far more prevalent
>> than the former.
>> 
>> Now consider that you are doing extra work to decode this value,
>> which is basically never needed, and then asking the script
>> writer to do extra work to convert it back again. As you said,
>> it's an inconsequential amount of work in terms of execution time
>> (though not inconsequential in terms of coding time), but given
>> how infrequently anyone actually cares about the semantic meaning
>> of this field, vs. simply wanting to accurately record the fields
>> of an SOA record, it seems counterintuitive that the module would
>> behave this way.
>> 
>> And of course, there is the matter that it used to behave
>> differently. My scripts broke in the 0.69 update. That bothered
>> me. I rewrote them to stop using the (IMO broken) new behavior,
>> and now use the SOA object's string method followed by 'split' to
>> obtain the fields in DNS format.
>> 
>> I don't understand why this matters to you so much. There's an
>> easy conversion routine, so rather than break the API, it would
>> have been better to simply advertise that you have a handy
>> conversion routine available for those who want to work with the
>> data in email address format. At this point, obviously, you risk
>> breaking scripts either way, because you've allowed the situation
>> to remain for so long, but I think it's pretty clear the change
>> in 0.69 was a mistake.
>> 
>> That's my opinion. I'll get off my soapbox now.
>> 
>> Regards, Chris Buxton
>> 
>>> On May 21, 2015, at 11:48 AM, Dick Franks <rwfranks at acm.org>
>>> wrote:
>>> 
>>> 
>>> On 19 May 2015 at 09:38, Doug Barton <dougb at dougbarton.us>
>>> wrote: On 5/18/15 5:30 PM, Dick Franks wrote: All of this was
>>> discussed at length on this list in 2012/2013
>>> 
>>> Yes, and some of us told you at the time that while your
>>> reasoning was air tight, and self-consistent; the resulting
>>> change did not meet our needs.
>>> 
>>> The air tight and self-consistent reasoning was founded on a
>>> careful analysis of RFC1035. The present implementation of
>>> Net::DNS got where it got by following that reasoning.
>>> Analysis and air tight reasoning are investments with a
>>> long-term yield in the form of design stability.
>>> 
>>> The pre-0.69 implementation was not based on a sound analysis
>>> of RFC1035, which is regrettable but these things happen.  This
>>> is the only flaw in Michael Fuhr's original vision.
>>> 
>>> 
>>> For example, the obvious, glaring exception to your statement
>>> that "There is absolutely nothing useful you can do with the
>>> wire-format domain name representation" is that you can, and
>>> often need to, stuff it into a data store that will be used by
>>> something other than Net::DNS to generate zone files down the
>>> road.
>>> 
>>> It is certainly arguable that RFC1035 was wrong in not using
>>> RFC822 for the SOA RNAME field in zone file format. This is a
>>> mistake we all have to live with.  The need to jump through
>>> hoops to convert mail addresses into domain names is a direct
>>> consequence of that mistake. The need to do so arises from
>>> *your* design decision about what to stuff in *your* data
>>> store.
>>> 
>>> 
>>> So while it makes perfect sense to have a way to generate 822
>>> format from Net::DNS, and it might even make sense to have that
>>> be the default,
>>> 
>>> RFC822 format is the primary representation of entities that
>>> claim to be a mail address.  The wire-format and domain name
>>> representations are encodings of that primary representation.
>>> 
>>> 
>>> it ALSO makes sense to have a way to get the wire format
>>> without having to jump through insane hoops to do so. ... and
>>> just to save you time, no, it does not make sense for Net::DNS
>>> to decode the wire format, then have the other system re-encode
>>> it.
>>> 
>>> We will have to agree to differ about what does, or does not,
>>> make sense.
>>> 
>>> The conversion can be done in a single line.  The computational
>>> cost is insignificant compared with the cost of resolving the
>>> SOA record.
>>> 
>>> use Net::DNS::Mailbox;
>>> 
>>> my $email = 'John.Doe at example.com';
>>> 
>>> my $name = new Net::DNS::Mailbox($email)->string;  # zone file
>>> format
>>> 
>>> 
>>> The attractions of doing things this way are: 1) The conversion
>>> will forever remain in sync with current understanding of
>>> RFC1035 and RFC822 et seq. 2) If you discover any example which
>>> violates the RFCs, I agree to let you kick me until it is
>>> fixed. 3) The conversion accepts both RFC822 and the domain
>>> name encoded format, so there is no need to check which you
>>> have.
>>> 
>>> 
>>> -- Dick
>>> 
>>> _______________________________________________ net-dns-users
>>> mailing list net-dns-users at nlnetlabs.nl 
>>> https://www.nlnetlabs.nl/mailman/listinfo/net-dns-users
>> 
>> _______________________________________________ net-dns-users
>> mailing list net-dns-users at nlnetlabs.nl 
>> https://www.nlnetlabs.nl/mailman/listinfo/net-dns-users
> 
> 
> 
> _______________________________________________ net-dns-users
> mailing list net-dns-users at nlnetlabs.nl 
> https://www.nlnetlabs.nl/mailman/listinfo/net-dns-users
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJVZEwmAAoJEOX4+CEvd6SYNcMP/2OLefhJNybJW/BKBjTDJERK
nKVBqWJEFExXagJwBF6gMiA88wqXunU9DiNFEzV/4V0F5jOUmh1xpo90KQ5n9rYI
jU2LpGrk100+2dRbzOUB99L0M+1zrOeJ9u0aKi51HWq152eP0OJfcOD/4PHbjLud
cPqLZaNy276U37Ra0HK8+iSOI86wvqimlifpM6qoQUFTHO0JjSCbC1lpjlTv+9AL
gdPojsflu4p+/SjTfjtBOhTu524ZIX7SnqL3+Ww3LjeiE5paQR6zs6YzoicxpBib
+U3DnGMzRrdkbpzMe5MHW5RFJBmdYCoQE/1Gl/TevT/nh8+xOrx6yJfaLKqU9oxT
dJGtmQUEWUQ/5swiOQolWYN44QGtEmtM0lZWVigO7q4h/W9i84I49DuehBJP9wlc
LYRkPBgQ6y+75K38p7p0leEnQ++JQHtKDFwBf1GpkYsz1eNanZ4xbvqJZfW8j1BD
wiRJCxB1ziPWMOpPL/TiT7nFSogyBxT+BgD0SRYSjvtS4gqSYFIKga5eiO1+BbTa
S0jQGqB/DZBFP5X1XCaq4BxwghZNl6GLJZqYjYWiaqZk5arL5JzOZltiN/GOemCd
obuenNsrryspHczw5Q7CmlfL0Cs95kOZK7iSvQ2gKWGNvlvdba03iFdC5O2xhHAb
S7vQWR+49VnSxfAdAmbW
=b14L
-----END PGP SIGNATURE-----



More information about the net-dns-users mailing list