Re: [nscp] Welcome (and proposed charter)

Paul Hoffman <> Wed, 15 September 2010 16:56 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 517C53A6ABE for <>; Wed, 15 Sep 2010 09:56:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -101.243
X-Spam-Status: No, score=-101.243 tagged_above=-999 required=5 tests=[AWL=0.803, BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id h8UYEdWtVkgw for <>; Wed, 15 Sep 2010 09:56:58 -0700 (PDT)
Received: from (Hoffman.Proper.COM []) by (Postfix) with ESMTP id 80D973A6AB7 for <>; Wed, 15 Sep 2010 09:56:58 -0700 (PDT)
Received: from [] ( []) (authenticated bits=0) by (8.14.4/8.14.3) with ESMTP id o8FGvMWD061901 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 15 Sep 2010 09:57:23 -0700 (MST) (envelope-from
Mime-Version: 1.0
Message-Id: <p062408dbc8b6aaf55b1a@[]>
In-Reply-To: <>
References: <> <p062408d6c8b692e2c226@[]> <>
Date: Wed, 15 Sep 2010 09:57:20 -0700
To: jad <>
From: Paul Hoffman <>
Content-Type: text/plain; charset="us-ascii"
Subject: Re: [nscp] Welcome (and proposed charter)
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNS Nameserver control/configuration protocol discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 15 Sep 2010 16:56:59 -0000

At 5:53 PM +0100 9/15/10, jad wrote:
>On Sep 15, 2010, at 4:30 PM, Paul Hoffman wrote:
>> At 11:28 AM +0200 9/15/10, Jelte Jansen wrote:
>>> Objective
>>> - ---------
>>> Specify an interoperable mechanism to monitor, control and configure common
>>> functionality of DNS nameservers.
>> Probably the most common functionality is updating zone files. Is this in scope, out of scope, or not determined yet? There is clamoring for secure updating that is easier to configure and than SIG0 and its friends, and almost no one cares if this is done in the DNS protocol, so this WG might or might not be the right place for that.
>Our thinking at the time was that nscp would need some limited mechanism to create new zones. You need at least an SOA and filename after all. However, there are many ways that the zone data could be inserted into the zone. Dynamic updates,. AXFR, checkout from subversion, database.....
>So I do think that the bulk creation/insertion of zone data is out of scope. However, configuration of the nameserver so that it knows how to get that data is in scope.

If you think it is out of scope, the charter needs to day that.

OTOH, why not allow it using the same mechanism that is being used for the rest of the control? That is, don't prevent "Dynamic updates,. AXFR, checkout from subversion, database.....", but specify how to do it the same way as the rest of the control?

--Paul Hoffman, Director
--VPN Consortium