In message <alpine.lfd.1.10.0907160038250.20...@newtla.xelerance.com>, Paul
Wouter
s writes:
> On Thu, 16 Jul 2009, Mark Andrews wrote:
>
> >> If I use my own validating stub resolver I can't make it to the portal
> >> page.
> >
> > With proper configuration of the validating stub resolver and the
> > recursive servers your validating stub resolver are using you should
> > be able to make it to the portal page.
> >
> > I do agree that it makes it more complicated.
>
> With DNS redirection? I can see it with http redirection, but with
> my validating resolver, I would only be getting servfails? They
> either modify the data and invalidate the signature, or they strip
> out the DNSSEC and cause my validating to servfail?
>
> How would this work?
With portals that are only available to internal servers you are
grafting on namespace and you configure your validator to know about
it and potentially not validate that namespace.
zone "portal.isp.com" {
type forward;
forward only;
forwarders { ISP'r recursive servers; };
};
this is really no different to internal namespace.
> I just wish there was a dhcp option for this. Then we could signal
> a landing page, and we could even signal the browser to wait and
> not try to reload (and destroy) all my tabs into 20 copies of the
> landing page.
>
> Paul
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
