>After adding localhost to the root zone, the only thing that would change >is that asking the root zone for <blah>.localhost now results in >localhost. 86400 IN NSEC locker. A AAAA >localhost. 86400 IN RRSIG NSEC 8 1 86400 [...] > >Which still proves that <blah>.localhost doesn't exist. > >I'd say, no difference for that use case.
Right. That's why it'd need NSEC3 and opt-out. >>Putting A and AAAA records in the root is another thing that is >>technically simple but would require a rule change at IANA, and I don't >>think it's worth the hassle. > >Does the MoU between the IETF and ICANN really say no A records in the root >zone? Or is there another policy document between IETF and IANA? IANA has a whole bunch of policies about the management of the root that do not contemplate anything other than delegations and glue in the root zone. As I said, it wouldn't be impossible to change, but it would be a lot of work. It is my impression that just about everyone's DNS resolvers already have a special case for plain "localhost" so there is little point. Start here: https://www.iana.org/domains/root R's, John _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
