Re: [DNSOP] Re: AS112 for TLDs
Mark Andrews <Mark_Andrews@isc.org> Wed, 05 December 2007 17:39 UTC
Return-path: <dnsop-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IzyD7-0001E2-0p; Wed, 05 Dec 2007 12:39:01 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IzyD6-0001Du-9p for dnsop@ietf.org; Wed, 05 Dec 2007 12:39:00 -0500
Received: from [2001:df8:0:16:216:6fff:fe46:b75d] (helo=drugs.dv.isc.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IzyD2-0000Ud-JB for dnsop@ietf.org; Wed, 05 Dec 2007 12:39:00 -0500
Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.14.1/8.14.1) with ESMTP id lB5HctEO001903; Thu, 6 Dec 2007 04:38:55 +1100 (EST) (envelope-from marka@drugs.dv.isc.org)
Message-Id: <200712051738.lB5HctEO001903@drugs.dv.isc.org>
To: Joe Baptista <baptista@publicroot.org>
From: Mark Andrews <Mark_Andrews@isc.org>
Subject: Re: [DNSOP] Re: AS112 for TLDs
In-reply-to: Your message of "Wed, 05 Dec 2007 11:40:44 CDT." <4756D48C.4090204@publicroot.org>
Date: Thu, 06 Dec 2007 04:38:55 +1100
X-Spam-Score: -1.4 (-)
X-Scan-Signature: 1a1bf7677bfe77d8af1ebe0e91045c5b
Cc: dnsop@ietf.org, Paul Vixie <Paul_Vixie@isc.org>
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
Errors-To: dnsop-bounces@ietf.org
> This is a multi-part message in MIME format. > --------------070503020104070709050909 > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > Content-Transfer-Encoding: 7bit > > Mark Andrews wrote: > > >>Actually no. That is not correct. I did some experimentation using > >>BIND 8 and 9 as root servers. BIND 8 does not support > >> > >>*. CNAME some.host.name. > >> > >> > > > > Actually all versions of BIND support "* CNAME". > > > > > Sorry - your right - its DNAME it does not do. > > > > > > > > >>But BIND 9 does. > >> > >>I know it sounds terrible to you but I think the RFC is flexible on > >>that. Your the expert - you look into it. So it would be so nice if I > >>could under BIND 9 do: > >> > >>*. NS some.host.name. > >> > >> > > > > Wildcard matching has the wrong semantics (1 vs many labels) > > for NS records. Even if the semantics where addressed you > > then have to set up nameservers to do wildcard processing > > while looking for the relevent zone. This implies having > > a copy of the parent zone so you can know what query names > > don't match the wildcard. > > > > > Ya I know. Thats the whole point behind what i'm advocating for AS112. > Those are the servers I would wildcard too. At least i would like to > run the experiment. I have found some servers that do *. NS - or so i'm > told by their support tech community. But not BIND. BIND should be > flexible and allow that. It's been done. IT DOES NOT WORK. named has code to prevent the records being added because IT DOES NOT WORK and we got sick and tired of telling people who ran up against sites that did it that IT DOES NOT WORK. It's better to prevent than to spend repeated amounts of time dealing with the repercussions. It's easy to remove the checks but then you need to make sure all clients will work with the resultant mess. Wildcard is defined for intra-zone use. It is not defined for extra-zone use. Mark > regards > joe baptista > > -- > Joe Baptista www.publicroot.org > PublicRoot Consortium > ---------------------------------------------------------------- > The future of the Internet is Open, Transparent, Inclusive, > Representative & Accountable to the Internet community @large. > ---------------------------------------------------------------- > Office: +1 (202) 517-1593 > Fax: +1 (509) 479-0084 > > > --------------070503020104070709050909 > Content-Type: text/x-vcard; charset=utf-8; > name="baptista.vcf" > Content-Transfer-Encoding: 7bit > Content-Disposition: attachment; > filename="baptista.vcf" > > begin:vcard > fn:Joe Baptista > n:Baptista;Joe > org:PublicRoot Consortium > adr:;;963 Ford Street;Peterborough;Ontario;K9J 5V5 ;Canada > email;internet:baptista@publicroot.org > title:PublicRoot Representative > tel;fax:+1 (509) 479-0084 > tel;cell:+1 (416) 912-6551 > x-mozilla-html:FALSE > url:http://www.publicroot.org > version:2.1 > end:vcard > > > --------------070503020104070709050909-- -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www1.ietf.org/mailman/listinfo/dnsop
- [DNSOP] AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs Phil Regnauld
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs John Crain
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs John Crain
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs John Crain
- L-Root address change [Re: [DNSOP] AS112 for TLDs] Peter Koch
- [DNSOP] Re: L-Root address change (Was: AS112 for… Stephane Bortzmeyer
- Re: L-Root address change [Re: [DNSOP] AS112 for … bert hubert
- Re: [DNSOP] Re: L-Root address change (Was: AS112… Ralf Weber
- Re: L-Root address change [Re: [DNSOP] AS112 for … Matt Larson
- Re: L-Root address change [Re: [DNSOP] AS112 for … bmanning
- Re: L-Root address change [Re: [DNSOP] AS112 for … bert hubert
- Re: L-Root address change [Re: [DNSOP] AS112 for … bmanning
- Re: L-Root address change [Re: [DNSOP] AS112 for … bert hubert
- Re: B-Root address change [Re: [DNSOP] AS112 for … bmanning
- Re: L-Root address change [Re: [DNSOP] AS112 for … Joe Baptista
- Re: L-Root address change [Re: [DNSOP] AS112 for … JINMEI Tatuya / 神明達哉
- Re: L-Root address change [Re: [DNSOP] AS112 for … Joe Baptista
- Re: L-Root address change [Re: [DNSOP] AS112 for … John Crain
- Re: L-Root address change [Re: [DNSOP] AS112 for … Joe Baptista
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Phil Regnauld
- Re: [DNSOP] AS112 for TLDs Brian Dickson
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Masataka Ohta
- Re: [DNSOP] AS112 for TLDs Elmar K. Bins
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- [DNSOP] Re: AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Mohsen Souissi
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Paul Vixie
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Edward Lewis
- Re: [DNSOP] Re: AS112 for TLDs Paul Vixie
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: L-Root address change (Was: AS112… Florian Weimer
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs Florian Weimer
- Re: [DNSOP] Re: AS112 for TLDs Florian Weimer
- Re: [DNSOP] AS112 for TLDs Sebastian Castro Avila
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Sebastian Castro
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Joe Abley
- Re: [DNSOP] AS112 for TLDs Paul Vixie
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs bmanning
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs David Conrad
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs Frederico A C Neves
- Re: [DNSOP] AS112 for TLDs David Conrad
- Re: [DNSOP] AS112 for TLDs bmanning
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs David Conrad
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs John L. Crain
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs bmanning
- Re: [DNSOP] AS112 for TLDs Florian Weimer
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Florian Weimer
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Dean Anderson
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Jaap Akkerhuis
- Re: [DNSOP] AS112 for TLDs Dean Anderson
- Re: [DNSOP] AS112 for TLDs Peter Koch
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Paul Vixie
- Re: [DNSOP] AS112 for TLDs Warren Kumari