In message <20160510160757.13221.qm...@ary.lan>, "John Levine" writes:
> >    Administrators should consider whether the lack of user-specified
> >    hostnames is a drawback.
> >
> >This is not true - it would be trivial to allow the enduser to specify a 
> >few specific hostnames and deterministically auto generate the rest. 
> 
> Putting names into the zone is the easy part.  Deciding who's allowed to
> add names and what names they're allowed to add is not.

For reverse zones, UPDATE over TCP from the matching IP works and
there are nameservers that support this and can be configured to
only accept PTR records as well.

It wouldn't be hard to add an EDNS option that says "remove if not
refreshed after XXXX seconds" to the update request and the master
server could maintain a time based list to clean up.

One can do UPDATE over TCP self for PTR + KEY (or just KEY) and
self using SIG(0) of PTR + KEY once the KEY is installed.  This
allows the client to clean up after itself independent of the address
the UPDATE request comes from.  Server implementations already
support this.

One can do update TCP self /48 (already implemented in some servers)
(or any other configured prefix length) to install NS records or
DNAME records to do "delegations" of either style.  Allow KEY to
allow client cleanups.  The DHCP server can remove the delegation
when the PD expires so you have cleanup.  The update self size needs
to be tuned to the PD size.  If you want to add more moving parts
the DHCP server can add the KEY which is supplied w/ the DHCP PD
request.

This is not hard to do.  We just need to pick what is reasonable
to do and recommend it.  The customer side will appear once we
recommend an approach.

Border routers do the delegation while individual nodes do the self
updates.

Mark

> R's,
> John
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org
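
The authorization rule the message describes (an UPDATE over TCP may only touch the reverse name matching its source address, or the reverse name of the configured prefix covering it) can be sketched as follows. This is an added example, not part of the original message and not any name server's code; the function names, the type sets and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# Hypothetical policy tables: record types each rule may touch.
HOST_TYPES = {"PTR", "KEY"}             # per-address "self" rule
PREFIX_TYPES = {"NS", "DNAME", "KEY"}   # per-prefix "self" rule


def _norm(name):
    """Lower-case a DNS name and drop the trailing dot for comparison."""
    return name.rstrip(".").lower()


def reverse_name(addr):
    """Reverse-tree name of one address (in-addr.arpa or ip6.arpa)."""
    return ipaddress.ip_address(addr).reverse_pointer


def prefix_reverse_name(addr, prefix_len=48):
    """ip6.arpa name of the IPv6 prefix of prefix_len bits covering addr."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 6 or prefix_len % 4 or not 0 < prefix_len <= 128:
        raise ValueError("need an IPv6 address and a nibble-aligned prefix")
    nibbles = ip.exploded.replace(":", "")[: prefix_len // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def allow_update(transport, src_addr, owner, rtype, prefix_len=None):
    """Return True if the update may proceed under the 'self' rules.

    transport  -- "tcp" or "udp"; only TCP counts, because a UDP source
                  address proves nothing about who sent the request
    src_addr   -- peer address of the TCP connection
    prefix_len -- None for the per-address rule, else the delegated
                  prefix size (tuned to the PD size)
    """
    if transport != "tcp":
        return False
    rtype = rtype.upper()
    if prefix_len is None:
        return rtype in HOST_TYPES and _norm(owner) == reverse_name(src_addr)
    try:
        expected = prefix_reverse_name(src_addr, prefix_len)
    except ValueError:
        return False
    return rtype in PREFIX_TYPES and _norm(owner) == expected
```

The SIG(0) path and the timed cleanup mentioned in the message are outside this sketch; it covers only the address-based checks.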
