In message <da1f9b6b-4972-4a22-b11e-2f0e0f4c3...@hopcount.ca>, Joe Abley writes
:
>
> On 2010-05-13, at 22:32, Mark Andrews wrote:
>
> > Which is essentially registrar to registry. It really does not
> > make for a general solution to the problem unless every operator
> > of every zone that delegates any zone runs epp in addition to running
> > a DNS server.
>
> Sure, but be aware that you're conflating several of
>
> - delegated zone editor
> - delegated zone publisher
> - authoritative nameserver operator for delegated zone
> - registrant
> - registrar
> - registry
> - parent zone editor
> - parent zone publisher
> - authoritative nameserver operator for the parent zone
>
> in your general solution, which makes it no more general, really. =
> Granted there are probably not often nine different entities carrying =
> out those functions, but increasingly there are more than two.
>
> The EPP answer at least has some basis in current reality.
>
> I suspect there is no general solution.
>
> Joe
On the other hand I'm sure that there is a general solution.
We need to define how the child talks to the parent so that
the parent can be sure that it is the child making the request.
The rest depends on the business models the parent and child are
using.
child component with authority to update ->
PROTOCOL ->
parent component the authority to accept update from child ->
parent processes ->
published zone.
parent processes could be:
forward to registrar
registrar authenticates send back ack/nak via parent component
convert to epp and update registry
registry publishes.
or they could just be:
authenticate
update parent zone
send back ack/nak
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
