Re: [DNSOP] Adding more example configurations to draft-ietf-dnsop-7706bis

2019-02-19 Thread Michał Kępień
Hi Paul, Apologies for being late to the party. > I have seen messages in the past few months about some vendors adding 7706, > or 7706-like, support to recent versions of their resolvers. It would be > grand if those of you who have shipping implementations of this could send > the configurat

Re: [DNSOP] Fwd: New Version Notification for draft-pusateri-dnsop-update-timeout-01.txt

2019-02-19 Thread Tony Finch
Tom Pusateri wrote: > > I think we have addressed all of the comments except for the Date format > concern from Mark. That is still an outstanding issue. The DNS currently has a couple of representations of absolute (POSIX flavoured) time: RRSIG, SIG, TKEY (32 bits with serial number arithmetic

Re: [DNSOP] Fwd: New Version Notification for draft-pusateri-dnsop-update-timeout-01.txt

2019-02-19 Thread Robert Story
On Tue 2019-02-19 12:28:08+1100 Mark wrote: > Where is the need to use SHA-3? This is introducing a new algorithm > for the sake of introducing a new algorithm. Just because TLS 1.3 > uses SHAKE128 is not a reason for DNS to use SHAKE128. There are > plenty of platforms that don’t need to use TL

Re: [DNSOP] Fwd: New Version Notification for draft-pusateri-dnsop-update-timeout-01.txt

2019-02-19 Thread Tim Wattenberg
Tony, > On 19.02.2019 at 13:27, Tony Finch wrote: > > The DNS currently has a couple of representations of absolute (POSIX > flavoured) time: > > RRSIG, SIG, TKEY (32 bits with serial number arithmetic relative to now) > > TSIG (48 bits) thanks for bringing up this point again. I was aware o

Re: [DNSOP] Fwd: New Version Notification for draft-pusateri-dnsop-update-timeout-01.txt

2019-02-19 Thread Paul Wouters
I have read the document. I have a question about: A zone administrator may want to enforce a default lifetime for dynamic updates (such as the DHCP lease lifetime) or the DNS Update may contain a lifetime using an EDNS(0) Update Lease option [I-D.sekar-dns-ul]. This seems a local

Re: [DNSOP] Fwd: New Version Notification for draft-pusateri-dnsop-update-timeout-01.txt

2019-02-19 Thread Mark Andrews
Think disaster recovery and promoting a slave to master. You have to transfer state between servers. You can transfer it in band or out of band. If you transfer it out of band you need to invent / specify yet-another-protocol to do it on top of specifying when records need to be removed. Mark

Re: [DNSOP] Fwd: New Version Notification for draft-pusateri-dnsop-update-timeout-01.txt

2019-02-19 Thread Dick Franks
On Tue, 19 Feb 2019 at 21:27, Tim Wattenberg wrote: > 8< > RRSIG, SIG, TKEY (32 bits with serial number arithmetic relative to now) > > > > TSIG (48 bits) > > thanks for bringing up this point again. I was aware of the way RRSIG > presents time but thanks for pointing us to TSIG – I hadn’t consi

Re: [DNSOP] Fwd: New Version Notification for draft-pusateri-dnsop-update-timeout-01.txt

2019-02-19 Thread Paul Wouters
On Wed, 20 Feb 2019, Mark Andrews wrote: Think disaster recovery and promoting a slave to master. You have to transfer state between servers. You can transfer it in band or out of band. If you transfer it out of band you need to invent / specify yet-another-protocol to do it on top of specify

Re: [DNSOP] Fwd: New Version Notification for draft-pusateri-dnsop-update-timeout-01.txt

2019-02-19 Thread Mark Andrews
> On 20 Feb 2019, at 4:35 pm, Paul Wouters wrote: > > On Wed, 20 Feb 2019, Mark Andrews wrote: > >> Think disaster recovery and promoting a slave to master. You have to >> transfer state between servers. You can transfer it in band or out of >> band. If you transfer it out of band you need