Internet-Draft | Additional; Glue | December 2021
Hoffman & van Dijk | Expires 16 June 2022
Implementers have recently expressed different views on what can appear in the Additional section in DNS responses. Proposals for adding functionality to the DNS protocol that rely on non-glue records in the Additional section depend on a common understanding of the semantics of the Additional section.
This document restates what has been said in other DNS standards, and does not update any of them.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on 16 June 2022.
Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.
RFC 1034 [DNS-CONCEPTS], RFC 1035 [DNS-BASE], and RFC 2181 [DNS-CLARIFICATIONS] are the basis for understanding the DNS protocol and message format. One important part of the message format is what record types can appear in each section of DNS responses, and the semantics of the presence or absence of those record types in each section. This document focuses on the contents of the Additional section in DNS responses.
This document explicitly does not update [DNS-CONCEPTS], [DNS-BASE], [DNS-CLARIFICATIONS], or any other document.
When describing what each section holds, Section 3.7 of [DNS-CONCEPTS] says:
When describing the algorithm for putting together a DNS response, Section 4.3.2 of [DNS-CONCEPTS] says:
When describing what each section holds, Section 4.1 of [DNS-BASE] says:
and that it:
Section 4.2.1 of [DNS-CONCEPTS] says:
and
Section 5.4.1 of [DNS-CLARIFICATIONS] says:
RFC 4035 [DNSSEC] discusses the inclusion of DNSSEC signatures on data in the Additional section. Section 3.1.1 says:
The foundational documents for the DNS did not place any restriction on what additional information might appear in the Additional section of DNS replies. If they had, the widely used extension mechanism in RFC 6891 [DNS-EXTENSIONS] would not be possible.
Glue records are addresses for name servers. These records can (and almost always do) appear in the Additional section of responses that are delegations. Non-address records that appear in the Additional section are not considered glue as that term is used in existing RFCs.
It is both acceptable and common for RRSIG RRs to appear in the Additional section of responses.
New protocols can specify that non-address resource records can appear in the Additional section of responses. They can define the semantics of the presence or absence of those non-address records.
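The distinction drawn above between glue and other Additional-section records can be expressed as a small classifier. This is an added example, not part of the draft; the `RR` tuple, the label strings, and the sample response are constructed for illustration, and it assumes that "for a name server" means the owner name matches an NS target in the Authority section of the same response.

```python
from collections import namedtuple

# Simplified resource record: owner name, type mnemonic, RDATA as text.
RR = namedtuple("RR", "name rtype rdata")

ADDRESS_TYPES = {"A", "AAAA"}


def norm(name):
    """DNS names compare case-insensitively; ignore the trailing dot."""
    return name.rstrip(".").lower()


def classify_additional(authority, additional):
    """Label each Additional-section RR of a delegation response.

    Assumption of this example: an address record is glue only when its
    owner name is the target of an NS record in the Authority section.
    """
    ns_targets = {norm(rr.rdata) for rr in authority if rr.rtype == "NS"}
    labels = []
    for rr in additional:
        if rr.rtype in ADDRESS_TYPES and norm(rr.name) in ns_targets:
            label = "glue"
        elif rr.rtype in ADDRESS_TYPES:
            label = "address, not for a listed name server"
        elif rr.rtype == "OPT":
            label = "EDNS(0) OPT pseudo-RR"  # RFC 6891 extension mechanism
        else:
            label = "non-address, not glue"
        labels.append((rr, label))
    return labels


# Constructed delegation response for example.com (documentation addresses).
AUTHORITY = [
    RR("example.com.", "NS", "ns1.example.com."),
    RR("example.com.", "NS", "NS2.Example.COM."),
]
ADDITIONAL = [
    RR("ns1.example.com.", "A", "192.0.2.53"),
    RR("ns2.example.com.", "AAAA", "2001:db8::53"),
    RR("www.example.com.", "A", "192.0.2.80"),
    RR(".", "OPT", ""),
    RR("ns1.example.com.", "SVCB", "1 . alpn=dot"),  # constructed non-address RR
]

if __name__ == "__main__":
    for rr, label in classify_additional(AUTHORITY, ADDITIONAL):
        print(f"{rr.name:20} {rr.rtype:5} {label}")
```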
This document does not create any new IANA considerations.
This document does not create any new security considerations.