IETF Logo Mail Archive

Re: [dnsext] zone cut semantics

"W.C.A. Wijngaards" <wouter@NLnetLabs.nl> Mon, 21 February 2011 16:33 UTC

Return-Path: <wouter@nlnetlabs.nl>
X-Original-To: dnsext@core3.amsl.com
Delivered-To: dnsext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8FF553A6FEF for <dnsext@core3.amsl.com>; Mon, 21 Feb 2011 08:33:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vWyVA1IpP9NF for <dnsext@core3.amsl.com>; Mon, 21 Feb 2011 08:33:34 -0800 (PST)
Received: from open.nlnetlabs.nl (open.nlnetlabs.nl [IPv6:2001:7b8:206:1::1]) by core3.amsl.com (Postfix) with ESMTP id B29323A6FE4 for <dnsext@ietf.org>; Mon, 21 Feb 2011 08:33:33 -0800 (PST)
Received: from gary.nlnetlabs.nl (gary.nlnetlabs.nl [IPv6:2001:7b8:206:1:216:76ff:feb8:1853]) (authenticated bits=0) by open.nlnetlabs.nl (8.14.4/8.14.4) with ESMTP id p1LGYEMu086705 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for <dnsext@ietf.org>; Mon, 21 Feb 2011 17:34:14 +0100 (CET) (envelope-from wouter@nlnetlabs.nl)
Message-ID: <4D629406.6070807@nlnetlabs.nl>
Date: Mon, 21 Feb 2011 17:34:14 +0100
From: "W.C.A. Wijngaards" <wouter@NLnetLabs.nl>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101209 Fedora/3.1.7-0.35.b3pre.fc13 Lightning/1.0b3pre Thunderbird/3.1.7
MIME-Version: 1.0
To: dnsext@ietf.org
References: <29759628.846.1298261358059.JavaMail.root@benjamin.baylink.com>
In-Reply-To: <29759628.846.1298261358059.JavaMail.root@benjamin.baylink.com>
X-Enigmail-Version: 1.1.2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.6 (open.nlnetlabs.nl [IPv6:2001:7b8:206:1::53]); Mon, 21 Feb 2011 17:34:14 +0100 (CET)
Subject: Re: [dnsext] zone cut semantics
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Feb 2011 16:33:35 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Brandon, Jay,

On 02/21/2011 05:09 AM, Jay Ashworth wrote:
>> independently verified through the com. servers? I was under the
>> impression this is why it matters whether example.org.'s nameserver
>> glue is or isn't within org., and hence my whole point about why this
>> matters for glue. An un-snarky correction on this would be
>> appreciated :P
> 
> It is just a "temporary name", I suppose, and if you have an authoritative
> locally cached copy of the pointer to the zone server, I suppose it might
> override what you're handed... but then you wouldn't trace the whole
> chain, anyway, would you?

It is not 'temporary', but 'lower ranked', and this is defined in
RFC2181.  Where you find that the data from the example.org is preferred
over this data.  But until you have that data, this is what you use (to
get there, as Jay infers).

Best regards,
   Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk1ilAUACgkQkDLqNwOhpPgVgACfYFNS7UWAlrHuaUe3HYoPggMa
mOMAn0mFS3K1n7Gc6cCUdYArozYD2vDH
=VVBq
-----END PGP SIGNATURE-----

v2.23.0 | Report a Bug | By Email