Re: [dnsext] draft-yao-dnsext-identical-resolution-02 comment

[Andrew Sullivan <ajs@shinkuro.com>]

On Mon, Feb 14, 2011 at 05:05:02PM +0200, Vaggelis Segredakis wrote:

> I can understand that a number of issues would need to be sorted before such
> a solution could be used. However I believe that there is a need for it.

Speaking only for myself, this is the crux of the issue.  What you're
saying is that the technology is needed, but the objection that some
have raised is that such a technology won't really work except in the
most trivial cases.  Since the trivial cases could just as easily be
solved with DNAME + other records at the apex, it's hard to justify
making a big change to the protocol.

Now, if the suggestion is that the parent _needs to_ enforce policies
in the tree underneath the parent, then we have a different argument,
because DNAME on the parent side won't really work for this purpose.

Speaking as co-chair but without having run this text past Olafur: in
respect of having a meeting, the issue is that we've already talked
about this topic a lot in meetings.  We discussed it at length in
Anaheim, had a special session about it in Maastricht, devoted meeting
time to in Beijing, and even had an interim teleconference.  But in
between those events very little discussion on the topic seems to have
happened.  Moreover, when we do have discussion it tends to focus on
existing proposals: "Do BNAME", for instance.  But the problem we have
is that we cannot tell whether BNAME (or any other proposal) actually
addresses the particular problems people have.  So either we get a
clear and broadly agreed-upon statement of the problem we are trying
to solve, or we don't solve the problem (because if we can't say what
it is, I think that means we don't know).

Best,

Andrew

-- 
Andrew Sullivan
ajs@shinkuro.com
Shinkuro, Inc.