On Tue, 19 Apr 2011, Antoin Verschuren wrote:
I think the definition of a hidden master is that it is not reachable
from the public Internet, and therefor it's hostname does not need to
resolve on the public Internet.
The SOA RRs MNAME field was defined before hidden masters were used, so
I don't know if a hostname in the MNAME field should resolve and be
reachable. If it is, then it's no longer a hidden master, but just a
public master that is not in the NS set.
I think the best way forward for now is to say "it is not listed in the
NS RRSet" and not mention anything about the MNAME field.
It wouldn't be bad to mention something about not putting "bogus" text in the
MNAME field. One example (not to pick on them specifically) is easydns, which
puts dns0.easydns.com in the MNAME, with the idea that no one should resolve
that anyway because it is not in the NS RRSet of their domains. But it still
leaks out RFC19198 space (hopefully into a close by AS112 server)
Though perhaps this is too out of scope for 4641bis
Paul
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
