Initializing a DNS Resolver with Priming Queries
RFC 8109

Note: This ballot was opened for revision 09 and is now closed.

(Joel Jaeggli) Yes

(Jari Arkko) No Objection

(Alia Atlas) No Objection

Deborah Brungard No Objection

(Ben Campbell) No Objection

Comment (2016-11-29 for -09)
No email
send info
In section 3.1, is there a reason the requirement in paragraph 2 does not get a 2119 keywords, when the requirement in the first paragraph does? They seem similar in impact.

(Benoît Claise) No Objection

Alissa Cooper No Objection

(Spencer Dawkins) No Objection

Comment (2016-11-30 for -09)
No email
send info
I find myself curious about both SHOULDs in 

   Resolver software SHOULD treat the response to the priming query as a
   normal DNS response, just as it would use any other data fed to its
   cache.  Resolver software SHOULD NOT expect exactly 13 NS RRs.
   
Do you think these SHOULDs (especially the first one) are required for interoperation? I'm wondering (1) why they aren't MUSTs, and (2) why RFC 2119 language is actually needed at all. If they are RFC 2119 SHOULDs, what happens if the resolver software violates them?

(Stephen Farrell) No Objection

Comment (2016-11-30 for -09)
No email
send info
- intro: References for directions that fail "disastrously"
would be good, if only to decrease the chances that other
implementers choose known-bad approaches.

- section 5, 2nd para: such an attacker can also see what
queries are being emitted by the resolver, and, in the
absence of qname minimisation, that can be quite privacy
sensitive. I think it'd be well worth noting that with a
reference to RFC7816 as a possible mitigation.

Suresh Krishnan No Objection

Mirja Kühlewind No Objection

(Terry Manderson) No Objection

Comment (2016-11-30 for -09)
No email
send info
Thank you for producing a well written artefact.

I also support Stephen's request to identify the scenarios in which "Some implementers have chosen other directions, some of which work well and others of which fail (sometimes disastrously) under different conditions." An appendix would be fine IMHO.

Given you raise some (awareness) issues in the security consideration section, if an administrator implements RFC7706 would that alter any of those concerns? (admittedly, potentially buying others that are well documented in 7706)

Alexey Melnikov No Objection

(Kathleen Moriarty) No Objection

Comment (2016-11-30 for -09)
No email
send info
I support Stephen's comments.

Alvaro Retana No Objection