To:
Jakob Schlyter <jakob@crt.se>
cc:
Walt Howard <howard@eng.utah.edu>, <keydist@cafax.se>
From:
Simon Josefsson <simon+keydist@josefsson.org>
Date:
Wed, 17 Apr 2002 10:40:55 +0200 (CEST)
In-Reply-To:
<Pine.OSX.4.44.0204161554520.3556-100000@forastero.dynamic.schlyter.pp.se>
Sender:
owner-keydist@cafax.se
Subject:
Re: Let's assume DNS is involved
On Tue, 16 Apr 2002, Jakob Schlyter wrote: > On Tue, 16 Apr 2002, Simon Josefsson wrote: > > > This makes no sense to me. What do you mean by a "host's RRset"? The > > host's IN A RRset? APPKEY/CERT IN RRs are separated from a host's IN A > > RRset. Any number of IN APPKEY/CERT RRs attached to a domain name does > > not affect the size of an IN A query for that domain name. > > many applications in the past, and probably still, queries for ANY. If they still do (I was only aware of one application, and it doesn't do this anymore AFAIK), I doubt it would create a problem that anyone would notice. If someone would notice, they can fix their software (as ANY cannot be relied on anyway). In any case, this would not harm anyone else but people putting keys in DNS, if someone was afraid this problem could cause problems for someone else. To summarize, I don't see why there is a need to optimize to size of {owner name, CLASS} sets.