[DNSOP] NSCP Pros and Cons: draft-dickinson-dnsop-nameserver-control

Stephen Morris <sa.morris7@googlemail.com> Tue, 07 December 2010 11:34 UTC


At the WG meeting in Beijing, the somewhat inconclusive discussion on a nameserver control protocol was ended by the suggestion that the authors of the two drafts discussed should write a short piece discussing the pros and cons of their proposals and post it to the list.  This is that piece for draft-dickinson-dnsop-nameserver-control.


Pros
1) A standard data model
This was one of the requirements identified in draft-ietf-nameserver-management-reqs and is the core of NSCP.  If a sufficiently complete model covering a reasonable number of nameservers can be identified, it will be possible for even basic clients to perform a useful set of functions.

2) Use of a standard protocol
Use of NETCONF provides the necessary protocol superstructure to support remote management of nameservers.  Amongst other things it provides:

* Persistent connections
* Secure authentication
* Basic set of commands for listing and manipulating elements in the server
* Means of matching commands and responses
* Reporting of errors
* Ability to define new commands
* Concurrent access to a server by multiple clients: locking is supported and an access control model allowing different clients to access different parts of the server is under development
* A defined extension mechanism, allowing seamless incorporation of both protocol and vendor extensions.


Cons
1) No mechanism for automatically copying configuration from one nameserver to another.


Work Required
At present, the data model is still rudimentary.  Detailed attributes still need to be defined for each entity, in particular for the "DNSSEC Policy" object. As a way forward, the first step should be to concentrate on refining the data model.


Stephen