To:
Paul A Vixie <vixie@vix.com>
Cc:
Alexis Yushin <alexis@nlnetlabs.nl>, James Aldridge <jhma@KPNQwest.net>, Jim Bound <seamus@bit-net.com>, Matt Crawford <crawdad@fnal.gov>, ngtrans@sunroof.eng.sun.com, namedroppers@ops.ietf.org, ipng@sunroof.eng.sun.com, dnsop@cafax.se
From:
Johan Ihren <johani@autonomica.se>
Date:
08 Aug 2001 12:02:58 +0200
In-Reply-To:
Paul A Vixie's message of "Tue, 07 Aug 2001 09:00:29 -0700"
Sender:
owner-dnsop@cafax.se
User-Agent:
Gnus/5.070095 (Pterodactyl Gnus v0.95) Emacs/20.3
Subject:
Re: (ngtrans) Joint DNSEXT & NGTRANS summary
Paul A Vixie <vixie@vix.com> writes: > > I see a big difference between deprecating/moving to historic and changing > > status to experimental. Experemental implies further development. > > I don't see that difference here. Just as "let's let the market decide" > really just means "let's do whatever Microsoft wants", so it is that "let's > make it experimental" really just means "let's move on." (I find it amusing > that SRV was experimental but that Microsoft's use of it pulled it forward.) > > I was not able to be in London, but had I been there my comments would've been: > > Let's not expect stub resolvers to do the caching necessary to > understand either A6 or SIG/KEY -- those are things which servers > ought to use to talk to other servers. Stub resolvers making > recursive requests of their name servers should be using AAAA and > TSIG. AAAA synthesis of underlying A6, and TSIG to protect > verified KEY/SIG data for the last mile, is all a client needs. > Every argument against SIG/KEY or against A6 comes down to either > the caching problem or the complexity problem, and if we insulate > the end-stations from those problems, the arguments are reduced to > things which authority-side tools can be made to cope with. > > Hopefully this point was made by somebody. It was made, but not as succinctly. However, AAAA synthesis was mostly presented as a transition mechanism leading towards an A6-only future. I think that is a mistake and what worries people who are satisfied with their working AAAA-based stub resolver. Your point (in another mail) about renumbering as a defence againg being locked in by your provider was definitely not made. Johan Ihren Autonomica