In message <d112810c.93f9%edward.le...@icann.org>, Edward Lewis writes: > > On 2/24/15, 17:47, "Mark Andrews" <ma...@isc.org> wrote: > > > >delegation-centric - a zone which consists mostly of delegations to child > >zones. > >the root zone and the com zone are examples of delegation-centric zones. > > Not arguing, but to raise a point - my response was âallâ and Markâs is > âmost.â > > Thereâs a subtly to the different that bothers me. Canât quite express > it.
There are tld that allow records at what would be the delegation point. There are also tld have the nic in the zone, etc. delegation-only are a subset of delegation-centric > Back when designing the DNSSEC, we were tempted to distinguish between > (what I recall the term to be there) widely delegated zones from others. > We decided to ditch that because when designing the protocol, when you > make that distinction, you have to build into the protocol a way to make > the distinction - that opened up a large set of issues. More or less, for > simplicity, we discarded that distinction. > > I guess what Iâm poorly saying, the term and definition should be given in > some fixed context. > > (Recall BINDâs delegation-only designation as a response to a wildcard in > a TLD. Later that backfired a bit when DNSSEC was added to TLDs. > DNSSECâs NSEC/NSEC3 records âbrokeâ the rules for delegation-only.) More we failed to add the necessary exceptions for the DNSSEC records types that exist at the parent side of a zone cut / empty node. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
