Re: [DNSOP] Multiple drafts discussing the use of DNS NOTIFY

Mon, 12 Jun 2023 01:40:42 -0700 

On 2023/06/12 08:49, Brian Dickson wrote:




On Sun, Jun 11, 2023 at 8:09 PM Paul Wouters <p...@nohats.ca 
<mailto:p...@nohats.ca>> wrote:



    On Jun 10, 2023, at 15:42, Tim Wicinski <tjw.i...@gmail.com
    <mailto:tjw.i...@gmail.com>> wrote:
    >
    > 
    > All
    >
    > The chairs have been looking at two different drafts discussing
    the use of using DNS NOTIFY to update DNSSEC information.

    Interesting, as the reason for using CDS et. all was because TLD
    operators didn’t want to receive and process NOTIFYs. Has this
    changed ?

    Related also the infamous “triggers vs timers”, where most TLDs
    didn’t want triggers. Has this changed?

    > We have some questions for the WG - if DNSOP adopted one of
    these, would DNS server vendors implement it down the road? (We
    think so)

    I don’t think that’s the right question. What to TLD operators want?



What has changed is the start of some Registrars taking on the role of 
"agent" for Registrants doing DNSSEC.
This mostly applies to CDS/CDNSKEY but might eventually also encompass 
some or all of CSYNC (modulo perhaps the update(s) being DNSSEC signed 
using an existing KSK).



So, the NOTIFY target could be such an agent (Registrar) who then 
forwards the appropriate update to the TLD via EPP.

I.e. the target would not be the TLD itself (directly).


(This is very early in the discussions among 
experimenters/implementers, but certainly seems feasible, and might 
reduce latency on updates and load on agents.)


Brian




This is certainly the approach I'd like to see. As a Registrar, about 
40% of the Domains I've registered on behalf of Registrants are under my 
DNS management and thus there is no need for either Polling or 
Notifies.. I'd also rather be in the path of any Updates by Registrants 
that outsource their DNS.





_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

--

Mark James ELKINS  -  Posix Systems - (South) Africa
m...@posix.co.za       Tel: +27.826010496 <tel:+27826010496>

For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za 
<https://ftth.posix.co.za>


Posix SystemsVCARD for MJ Elkins


_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop






















					Reply via email to