On 2013-12-05, at 07:15, Chris Thompson <c...@cam.ac.uk> wrote: > On Dec 4 2013, Joe Abley wrote: > > [...snip...] >> There was at least one study commissioned by ICANN on the prudence of >> provisioning DNAME RRs in the root zone that concluded that there was >> no obvious danger, but remember that any novel RRTypes in the root zone >> are going to need implementation time in the systems and processes >> involved in root zone management, and such changes have proven in the >> past to be neither quick nor easy. > > How would such DNAMEs interact with use of BIND's "root-delegation-only" > (or equivalents, if any, in other software)? Do we have any idea how > widespread use of that option is?
I don't recall there ever being a time when the default behaviour of BIND9 was to insist on delegation-only behaviour from the *root* zone. As I remember those fun and exciting, lawyer-infested times the delegation-only behaviour was applied to all TLD zones, except those that were specified as needing to be otherwise. I presume this was an attempt to avoid calling out COM and NET explicitly. Did I remember wrongly? Entirely possible ;-) > When "ipv4only.arpa" appeared as a delegation in October, I did wonder > why it wasn't just an A rrset in the "arpa" zone, until I thought of > that issue. Although maybe the reasoning was actually different. I was involved in that conversation. I promoted the idea of a delegation simply because the machinery behind the scenes was built to facilitate delegations rather than the addition of arbitrary records to the ARPA zone, and the corresponding processes were similarly delegation-centric. Implementing an apex A in a daughter zone seemed like the pragmatic answer, and the authors of the draft that requested ipv6only.arpa were happy to agree. Joe
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
