On Fri, Apr 7, 2017 at 8:11 PM, Evan Hunt wrote:
> Here's the new ANAME draft I mentioned last week.

Hey, thanks for this one! I support the attempt to define a record
type that would cover the existing vendor-specific types that
synthesize A/AAAA records in the zone apex. If this gets adopted by the
vendors, it means possible zone transfers between these providers. On
the other hand, I don't like the part which moves ANAME processing to
resolvers. I'll comment on that separately.

Besides that, the Security section should warn DNS operators that
ANAME may be misused to leak data from any internal networks the
server is part of. This was so far a concern for resolvers, but with
ANAME it may become a concern for authoritative servers as well.

Jan

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
