Paul Wouters wrote:
> On Sep 11, 2020, at 20:48, Paul Vixie <p...@redbarn.org> wrote:
> > 
> > On Sat, Sep 12, 2020 at 09:40:11AM +1000, Mark Andrews wrote:
> >> and why is it an RR type at all.  An EDNS option or an opcode is better suited
> >> for this sort of thing.
> > 
> > +1.
> 
> An RR type can be signed and distributed differently and allow for preloading 
> of (distributed) caches which enhanced the decentralization of recursive DNS 
> servers.

As described in -00, a cached and re-distributed AUTHINFO RR is useless
unless you know what nameserver address it applies to, and if an
AUTHINFO RR isn't trustworthy unless it's signed then the AUTHINFO RR
would need to embed the nameserver address that it applies to so that
that information can be signed and validated as well.

-- 
Robert Edmonds

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
