It appears that Edward Lewis <eppdnsprotoc...@gmail.com> said: >My first concern is that if the entries under _deleg.$parent will “leak” the >registrar (when applicable) of a name for names >that are run by operators that are not also registrars for the name. I don’t >know if this is a business concern.
It's a business decision. If the registry doesn't want that to happen, they can run a NOTIFY proxy. In practice, if you look at the NS records you can see who's runing the DNS, and it's not hard to tell which NS are run by registrars. >My second concern relates to failed requests for services - i.e., a NOTIFY is >sent to update a domain’s records. After some time >passes the respondent discovers the domain is locked, thus the request cannot >be satisfied. How the requestor is able to associate >the error with the request that is not being satisfied? See RFC 1996, section 4.8. >During EPP development time, there was a concern over errors that emerged >after the message exchange was finished. Queues had to >be created by servers for clients and a mechanism to poll for queued messages. > This experience is what makes mention the second >concern. Remember that the notification is just a hint. Whatever receives the NOTIFY might decide to try the update on its own, so I don't see any new issues here. You're right that if a CDS key roll doesn't happen, there is no way to tell the child what the problem was, but that's been true as long as there's been CDS. R's, John _______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
