On Apr 19, 2013, at 10:15, Joe Abley wrote: > Ah yes, also that. OK, I've thrown it in the bad idea bucket. :-)
One of the regrets about DNS design is that we used NS above and below the zone cut. That complicated DNSSEC. We resisted the temptation to have KEY (later called DNSKEY) at both parent and child because of the issues. NSEC, yes, sigh, it was a headache but we scaled that mountain. So, "in the big book of boo-boos" (to quote Doc McStuffins), we should avoid having the same type appear above and below a cut. It pays to have a separate name - even if that alone is the difference (in the presentation format ;)). -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 There are no answers - just tradeoffs, decisions, and responses.
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
