Re: draft-durand-ngtrans-dns-issues-00.txt

Robert Elz <kre@munnari.OZ.AU> Fri, 28 June 2002 14:29 UTC

From: Robert Elz <kre@munnari.OZ.AU>
To: Jim Reid <Jim.Reid@nominum.com>
cc: Shane Kerr <shane@ripe.net>, Alain Durand <Alain.Durand@sun.com>, ggm@apnic.net, dnsop@cafax.se
Subject: Re: draft-durand-ngtrans-dns-issues-00.txt
In-Reply-To: <44341.1025261740@shell.nominum.com>
References: <44341.1025261740@shell.nominum.com>
Date: Fri, 28 Jun 2002 21:03:58 +0700
Message-ID: <15722.1025273038@munnari.OZ.AU>

    Date:        Fri, 28 Jun 2002 03:55:40 -0700
    From:        Jim Reid <Jim.Reid@nominum.com>
    Message-ID:  <44341.1025261740@shell.nominum.com>

  | Well as someone already said, signing wildcard RRs can't be done
  | easily (if at all) with DNSSEC.

Yes, but even if you're not requiring DNSSEC level of authentication,
just doing the "look up the name and compare the A6 (maybe AAAA) records
with the address I started with" trick doesn't work with wildcard
PTR records.   It is almost possible to make it work with IPv4, by
simply giving the name in the wildcard PTR an RRSet that lists every
possible address.   I suspect that's not going to work real well with
IPv6...

kre
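
The check discussed in the message above, as an added example that is not part of the original post: a forward-confirmed reverse lookup run against an in-memory zone, showing the IPv4 "list every address" workaround passing and the same approach failing for an IPv6 /64. The zone data is constructed (documentation prefixes 192.0.2.0/24 and 2001:db8::/64, hypothetical target name `any.example.`), wildcard matching is simplified, and plain address strings stand in for A/AAAA/A6 records.

```python
import ipaddress

def reverse_name(addr):
    """Owner name under in-addr.arpa / ip6.arpa for an address."""
    return ipaddress.ip_address(addr).reverse_pointer

def lookup_ptr(zone, qname):
    """Exact match first, then a wildcard at each enclosing name (simplified)."""
    if qname in zone:
        return zone[qname]
    labels = qname.split(".")
    for i in range(1, len(labels)):
        wild = "*." + ".".join(labels[i:])
        if wild in zone:
            return zone[wild]
    return None

def forward_confirmed(addr, ptr_zone, fwd_zone):
    """Resolve the PTR, then compare the name's addresses with the one we started with."""
    name = lookup_ptr(ptr_zone, reverse_name(addr))
    if name is None:
        return False
    want = ipaddress.ip_address(addr)
    return any(ipaddress.ip_address(a) == want for a in fwd_zone.get(name, ()))

def demo():
    # Constructed zone: one wildcard PTR per prefix, both pointing at the same name.
    net4 = ipaddress.ip_network("192.0.2.0/24")
    ptr = {"*." + reverse_name("192.0.2.0").split(".", 1)[1]: "any.example.",
           "*." + reverse_name("2001:db8::").split(".", 16)[16]: "any.example."}
    # IPv4 workaround: the target's RRset lists every address in the /24.
    fwd = {"any.example.": [str(a) for a in net4]}
    v4_ok = all(forward_confirmed(str(a), ptr, fwd) for a in net4)
    # IPv6: a /64 holds 2**64 addresses, so the RRset can only ever list a sample.
    fwd["any.example."] += ["2001:db8::1"]
    v6_listed = forward_confirmed("2001:db8::1", ptr, fwd)
    v6_other = forward_confirmed("2001:db8::2", ptr, fwd)
    return v4_ok, v6_listed, v6_other, ipaddress.ip_network("2001:db8::/64").num_addresses

if __name__ == "__main__":
    print(demo())
```
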