(with no hats, and perhaps less sense) I agree .internal should be a special use name. I don't see why it's that big an issue.
tim On Thu, Feb 6, 2025 at 2:50 AM Philip Homburg <pch-dnso...@u-1.phicoh.com> wrote: > > Personally I don't think that special actions in resolvers for > > INVALID and TEST are a good idea either; I would prefer consistent > > behaviour and no special cases, especially as I suspect that > > resolver operators that pay attention to this kind of thing and > > keep their software up-to-date probably already do aggressive > > NSEC caching and hence the risk to the root server system is > > lower than the risks related to increased complexity and camel > > exhaustion. But both risks seem small. > > > > If the consensus is that following the examples of INVALID and > > TEST is sensible then this would be a more convincing 6761-path > > to "special". > > > > I suppose I prefer SHOULD to MUST, but really I prefer "not > > special" to "special". > > I think the goal of INVALID and TEST is that they are not used for > production > traffic. So a special rule that by default resolvers do not try to resolve > those names is fine. > > The point of INTERNAL is the opposite. It is meant to be used for > production > traffic. Any host that contacts local resolvers in site that uses INTERNAL > should be able to resolve it. > > So anything that we write that would reduce or restrict resolving INTERNAL > is counter productive. > > There is however Mark's point about DNSSEC validation. I'll reply to his > message about that. > > _______________________________________________ > DNSOP mailing list -- dnsop@ietf.org > To unsubscribe send an email to dnsop-le...@ietf.org >
_______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
