I have not reviewed this doc in depth; I'm just commenting on little
things I noticed, and this review should not be considered complete.
This was triggered by seeing the RR type template on the DNSEXT WG
mailing list.
1) Why require the SEP bit set? The SEP bit has, to date, been merely
advisory. Is it NECESSARY to insist on it here?
2) I notice that the doc doesn't actually say "replace" (or
"augument") the DS set using the CDS material. Did you intend to say
that?
3) The "why not use DS" explanation is not quite satisfying: it
doesn't go into the mess of "what would happen if DS could appear at
both". I don't think we want to go there, but I'm not sure what
justification you can offer without going there.
You might also want to address the question of "why not use the DLV or
TA RR types". If this doc were to tell parent zones to take action
based on the pressence of a CDS RRset, it might be plausible to say:
"because the pressence of this record is intended to be a signal to
the parent, it is inappropriate to reuse any other RR type, for fear
that the other RR type might appear for unrelated reasons". That
explanation may not work for the DS RR type, since the parent
presumably knows that the apex of the child zone is, indeed, a zone
apex.
-- Sam
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
