bert hubert wrote:
The server I mean, by the way, is Microsoft Exchange, which likes to do DNS
over TCP.
So what does Microsoft Exchange do when it tries to talk to a tinydns service
like everydns.net, which doesn't implement TCP/53 at all?
It doesn't need to - it speaks to resolvers.
Bert
Okay, so there's a huge difference between "disabling one of the more
widely used MTAs", and "creates a reasonable dependence on
locally-operated resolvers".
Paul's original proposal, IIIIC (if I interpret it correctly) applies to
resolver<->authority-server communications, not stub<->resolver
communications.
Anyone can install and operate a resolver that permits (local) TCP
connections from stub clients, and as such, even if other parts of the
food chain change, this doesn't break - meaning the aforementioned MTA
doesn't get disabled by the proposal.
So, I think this is a bit of a red herring...
"MTA (TCP) resolver (UDP) authority server" is perfectly reasonable,
especially if the (UDP) includes (EDNS +/- DNSSEC).
Brian
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop