IETF Logo Mail Archive

Re: [DNSOP] One Chair's comments on draft-wessels-dns-zone-digest

Wes Hardaker <wjhns1@hardakers.net> Tue, 31 July 2018 13:49 UTC

Return-Path: <wjhns1@hardakers.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03ADE130DF4 for <dnsop@ietfa.amsl.com>; Tue, 31 Jul 2018 06:49:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zk5dnvylsEQT for <dnsop@ietfa.amsl.com>; Tue, 31 Jul 2018 06:49:04 -0700 (PDT)
Received: from mail.hardakers.net (mail.hardakers.net [168.150.192.181]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A8556130DEF for <dnsop@ietf.org>; Tue, 31 Jul 2018 06:49:04 -0700 (PDT)
Received: from localhost (unknown [10.0.0.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.hardakers.net (Postfix) with ESMTPSA id 1A57C26F90; Tue, 31 Jul 2018 06:49:04 -0700 (PDT)
From: Wes Hardaker <wjhns1@hardakers.net>
To: Philip Homburg <pch-dnsop-3@u-1.phicoh.com>
Cc: dnsop@ietf.org, Wes Hardaker <wjhns1@hardakers.net>
References: <CADyWQ+HizOJsE9EZ=VEvrbnnyPwaG_yBRg7fP5VvUNTdnidXZA@mail.gmail.com> <ybl4lgg6ztm.fsf@w7.hardakers.net> <m1fkRCk-0000GTC@stereo.hq.phicoh.net>
Date: Tue, 31 Jul 2018 06:49:04 -0700
In-Reply-To: <m1fkRCk-0000GTC@stereo.hq.phicoh.net> (Philip Homburg's message of "Tue, 31 Jul 2018 11:44:24 +0200")
Message-ID: <yblmuu74isv.fsf@w7.hardakers.net>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Ilme35zYH_fRpQcxQAC37KRiNag>
Subject: Re: [DNSOP] One Chair's comments on draft-wessels-dns-zone-digest
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jul 2018 13:49:06 -0000

Philip Homburg <pch-dnsop-3@u-1.phicoh.com> writes:

> I think there is a big difference between distributing the root zone and
> distributing a few 'local' zones.
> 
> In the first case you need something that is massively scalable.

I'm afraid I don't see those as different problems like you do.  I'd
like a massively scalable way of distributing any zone, not just the
root.  If for no other reason, .arpa and root-servers.net should be
included too, for example.

Yes, huge zones like .com and similar are not possible.  But there are
many other TLDs that likely are possible to pre-cache and serve locally.

> In the second case, just create a tar file with a zone file and a hash, put
> it up on a web server and the problem is solved. Verifying the contents of a
> file is not exactly a new problem.

No, very true.  But a standardized and agreed upon way of doing it for
DNS zone data currently doesn't exist.  That's what we're trying to accomplish.

-- 
Wes Hardaker
USC/ISI

v2.23.0 | Report a Bug | By Email