

To: Robert Elz <kre@munnari.OZ.AU>
Cc: Alain Durand <Alain.Durand@sun.com>, ggm@apnic.net, dnsop@cafax.se
From: Shane Kerr <shane@ripe.net>
Date: Fri, 28 Jun 2002 11:58:41 +0200
Content-Disposition: inline
In-Reply-To: <13066.1025253146@munnari.OZ.AU>
Sender: owner-dnsop@cafax.se
User-Agent: Mutt/1.3.25i
Subject: Re: draft-durand-ngtrans-dns-issues-00.txt

On 2002-06-28 15:32:26 +0700, Robert Elz wrote:
>     Date:        Thu, 27 Jun 2002 17:28:40 -0700
>     From:        Alain Durand <Alain.Durand@sun.com>
>     Message-ID:  <FE914F7F-8A2D-11D6-AEEB-00039376A6AA@sun.com>
> 
>   | My draft suggests to use wildcard PTR records. Does it make
>   | sense?
> 
> No.   While technically they're allowed, they make no sense to
> actually use.   PTR records (for this purpose) are useful only if
> there's some way to verify them.

It's also not clear to me how a wildcard PTR is different from (or
better than) an NS record.

<snip/>

> Let's just trash the concept, make name->address a one way function,
> and be done with all of this (which includes how we manage to find
> names for 3041 addresses, just in case someone doesn't see that as a
> totally stupid question).

This is an interesting idea.  To be honest, I gave up on address to
name mapping in IPv6 a while ago.  Doing it in a manner that is both
sufficiently distributed and secure seems like a very difficult
problem, and the benefits are not at all clear.

The problem as I see it is that IPv6 is so huge that it requires
automated processes to manage address space.  This means either
running a DNS server at each level or allowing dynamic updates.
Either one requires strong trust relationships be established - which
is going to be a lot of work.

I agree with the proposal.

-- 
Shane
Not speaking on behalf of any other entity.
