To:
DNSop List <dnsop@cafax.se>
From:
Chris Yarnell <cyarnell@coredump.arc.nasa.gov>
Date:
Wed, 20 Oct 1999 11:16:53 -0700 (PDT)
Sender:
owner-dnsop@cafax.se
Subject:
Re: I-D ACTION:draft-ietf-dnsop-root-opreq-00.txt
---------- Forwarded message ---------- Date: Thu, 17 Jun 1999 11:49:49 -0700 (PDT) From: Chris Yarnell <cyarnell@coredump.arc.nasa.gov> To: DNSop List <dnsop@cafax.se> Subject: Re: I-D ACTION:draft-ietf-dnsop-root-opreq-00.txt Hi, 2.7 Root servers MUST NOT answer AXFR, or other zone transfer, queries from clients other than other root servers. This restriction is intended to, among other things, prevent unnecessary load on the root servers. So, I still have some questions about this section of the draft: 1) If load on the server is the driving factor for this, why is it a MUST and not a SHOULD ? I would imagine that the operators of certain servers would be in a better position to decide whether they have the resources to allow it or not (with a strong recommendation that they "SHOULD NOT". 2) If there are other factors that require this to be a MUST, please list them. Security? Confidentiality? Stability? What? Note that we have disallowed AXFR at E for several years, so we are not looking to 'get around' this being a MUST for our own sake. I just don't think we should be dancing around this. If people want to codify a requirement that root servers disallow AXFR's for zones, the technical reasoning for such a requirement should be included.. Perhaps if you could explain your thinking, it'd make better sense to me. Tnx.