Re: DNS vs. non-DNS Data (was Re: Signature at parent (draft-ietf-dnsop-parent-sig-00.txt))

["Eric A. Hall" <ehall@ehsco.com>]

> > in general, we discourage storing non-dns data in the dns.
> 
> What is the definition of "DNS data", actually?

Actually, it's probably a good idea to develop a concept consensus.

My definition is that the DNS is a lookup service similar to ARP. It just
happens to be distributed across a collection of interconnected partitions
in a hierarchical structure -- and there's a bunch of referral stuff to
make sure queries are sent to the right place -- but in the end devices
just issue targetted lookups for named resources and they expect an
unambiguous and consistent answer.

In that model, www.ehsco.com., mail.daimlerchrysler.com and ops.ietf.org
are all peer entries in a massive *FLAT* database (they happen to be
stored in separate partitions represented by a namespace but the global
database itself is flat).

Stuff that belongs in DNS is stuff that benefits from being used in a
non-authenticated, unambiguous, lightweight lookup service which is backed
by a global hierarchy of independent partitions. Stuff that doesn't belong
is anything that requires authentication, is ambiguous, can be served by a
standalone lookup, or consumes more valuable resources than it provides.

MX RRs work okay in that model. SRV RRs work okay (if they are picked up
and used to refer to richer or low-commodity-value services). Application
configuration does not belong (local only). User data does not belong
(requires authentication).

or was your question rhetorical

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/



to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.