As far as I can tell the structure of the parent zone is irrelevant to this problem. There are basically two parties that we care about: the child zone, and some entity that is capable of updating the delegation in the parent. What that entity is does not matter: registry / registrar / some gateway between this protocol and some proprietary protocol / whatever.
The questions we need to answer are: * How does the child signal what should be in the parent? This can't simply be "just use the apex NS and SEP DNSKEY records" because that doesn't cope with some change-of-hosting-provider or key-rollover scenarios. So we need an analysis of the scenarios this has to accommodate. These are all about configuration changes at the child: as far as I can tell changes at the parent (such as change of registrar) are irrelevant. * How does the child signal when a change should happen? Implicitly, by updating some published data? With a time field in the data? By some out-of-band do-it-now signal? * Is the protocol stateful or not? For instance, along the lines of RFC 5011. If it is, can the child query the state? If so, how? * Is it entirely in-band? Should it include any non-DNS signalling mechanisms? A profile of EPP perhaps? Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
