To:
Jakob Schlyter <jakob@crt.se>
cc:
Walt Howard <howard@eng.utah.edu>, <keydist@cafax.se>
From:
Simon Josefsson <simon+keydist@josefsson.org>
Date:
Wed, 17 Apr 2002 10:40:55 +0200 (CEST)
In-Reply-To:
<Pine.OSX.4.44.0204161554520.3556-100000@forastero.dynamic.schlyter.pp.se>
Sender:
owner-keydist@cafax.se
Subject:
Re: Let's assume DNS is involved
On Tue, 16 Apr 2002, Jakob Schlyter wrote:
> On Tue, 16 Apr 2002, Simon Josefsson wrote:
>
> > This makes no sense to me. What do you mean by a "host's RRset"? The
> > host's IN A RRset? APPKEY/CERT IN RRs are separated from a host's IN A
> > RRset. Any number of IN APPKEY/CERT RRs attached to a domain name does
> > not affect the size of an IN A query for that domain name.
>
> many applications in the past, and probably still, queries for ANY.
If they still do (I was only aware of one application, and it doesn't do
this anymore AFAIK), I doubt it would create a problem that anyone would
notice. If someone would notice, they can fix their software (as ANY
cannot be relied on anyway). In any case, this would not harm anyone else
but people putting keys in DNS, if someone was afraid this problem could
cause problems for someone else.
To summarize, I don't see why there is a need to optimize to size of
{owner name, CLASS} sets.