In message <74ae2b2b-a09a-4fbf-b6c3-7eebe89ca...@hopcount.ca>, Joe Abley writes : > > On 2010-05-13, at 19:33, Mark Andrews wrote: > > > There are lots of way to do this. > > * Use UPDATE to update the delegation records in the parent. > > This would work today it only requires a willingness to do so. > > This can be done securely (TSIG) and will scale. > > UPDATE was designed to support this. > > * Try to guess which keys should have DS's based on SEP bits. > > * Use a different RR type (DLV does this). poll/notify to > > incorporate. (Ed the daily delegation check could do this. > :-)) > > * Use some epp extension. > > * Use a modified UPDATE which accepts and forwards to the > > registrar for inclusion in the zone rather than immediately > > updates the zone. When a registrar is not involved it is > > handled as a plain UPDATE. > > * .... > > ... and there's also the approach that is actually being implemented, > which is described in RFC 4310.
Which is essentially registrar to registry. It really does not make for a general solution to the problem unless every operator of every zone that delegates any zone runs epp in addition to running a DNS server. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
