On Apr 13, 2012, at 3:30 PM, Jaap Akkerhuis wrote:
>> More pragmatically, while I understand the theory behind rejecting NTAs,
>> I have to admit it feels a bit like the IETF rejecting NATs and/or DNS
>> redirection. I would be surprised if folks who implement NTAs will stop
>> using them if they are not accepted by the IETF.
>>
> it is still not a reason for the IETF to standardize this.
With the implication that multiple vendors go and implement the
same thing in incompatible ways. I always get a headache when
this sort of thing happens as the increased operational costs
of non-interoperable implementations usually seems more damaging
to me than violations of architectural purity. Different
perspectives I guess.
If people have to do te hack themselves, they are more likely to
understand what they are doing. If you want to give a standard tool
they might apply it just because it is there. It is like the BIND
(temporary?) "delegation only" hack. Lots of people applied it
without understanding.
As an example, when some authoritative domains brough all there
name servers in balliwick, it broke the lookup for those domains and
people couldn't figure out why.
And apart from this operational problem, there are more principal
objections such as pointed out by Doug.
jaap
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
