To: dnsop@cafax.se
From: "D. J. Bernstein" <djb@cr.yp.to>
Date: 7 Feb 2000 07:58:54 -0000
Sender: owner-dnsop@cafax.se
Subject: Re: RFC 2182 considered harmful

Edward Lewis writes:
> There are folks whose set of name servers each have the same IP address.

cr.yp.to is one of those. All services are provided by one computer. The only DNS outages are physical outages that also cut off web service and mail service. A separate DNS server would provide zero benefits.

But I've seen people claim otherwise and point to RFC 2182. The document is wrong; it should be fixed.

> I may have keying information or a
> certificate stored that allows someone to read my encrypted mail message
> warning of an upcoming outage.

But you don't. Neither do I. Neither does a typical department server.

RFC 2182 doesn't limit its requirements to your imaginary situation. It says that _all_ zones must always have accessible DNS servers. That's simply wrong.

---Dan