Hiya, I really like this idea. Many ISPs already do this, (including some high profile public recursives, like Google and OpenDNS), because it simply makes sense: It reduces latency for the end user, reduces outbound traffic overhead, eliminates an attack vector.
This specific document shouldn’t be a discussion point at all. Folks are doing this right now. What we need is a BCP that describes: IFF you are going to do it, here is how. I would also like to see some facilitation around this as well: a notify service of new versions, a zone distribution service (xfer service), possibly out of ICANN or VeriSign. Personally, I’m interested in what operators of large recursives have to say about this. Hope this helps. Roy > On 04 Jul 2014, at 21:50, Paul Hoffman <paul.hoff...@vpnc.org> wrote: > > Greetings. Warren and I have done a major revision on this draft, narrowing > the design goals, and presenting more concrete proposals for how the > mechanism would work. We welcome more feedback, and hope to discuss it in the > WG in Toronto. > > --Paul Hoffman > > Begin forwarded message: > >> From: internet-dra...@ietf.org >> Subject: I-D Action: draft-wkumari-dnsop-dist-root-01.txt >> Date: July 3, 2014 at 2:17:46 PM PDT >> To: i-d-annou...@ietf.org >> Reply-To: internet-dra...@ietf.org >> >> >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> >> >> Title : Securely Distributing the DNS Root >> Authors : Warren Kumari >> Paul Hoffman >> Filename : draft-wkumari-dnsop-dist-root-01.txt >> Pages : 9 >> Date : 2014-07-03 >> >> Abstract: >> This document recommends that recursive DNS resolvers get copies of >> the root zone, validate it using DNSSEC, populate their caches with >> the information, and also give negative responses from the validated >> zone. >> >> [[ Note: This document is largely a discussion starting point. ]] >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-wkumari-dnsop-dist-root/ >> >> There's also a htmlized version available at: >> http://tools.ietf.org/html/draft-wkumari-dnsop-dist-root-01 >> >> A diff from the previous version is available at: >> http://www.ietf.org/rfcdiff?url2=draft-wkumari-dnsop-dist-root-01 > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
