This gets you a single lookup with no followup queries required
once the recursive server supports this.  If the client is still
talking to a legacy server it would still need to do followup queries
for missing records.

I like this but there's an obvious question: if the recursive server has to know about ANAME anyway, have it do the extra fetches, and all of the DNSSEC troubles go away.

Straw man, er, straw being:

name ANAME canonname servername rrtype1 rrtype2 ...

If the authoritative server gets a request for one of the rrtypes, it returns the ANAME. (If it gets a request for a type that isn't in the ANAME and there isn't a real RR, it returns the usual NOERROR.) The cache sees the ANAME and looks up the canonname from the server at servername (with "." as the servername default to look it up in the usual way.) Putting an actual rrtypeI at the same name as the ANAME is naughty, like putting it at the same name as a CNAME.

Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
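
Added example, not part of the original message and not taken from any DNS implementation: a small Python model of the straw-man ANAME behaviour described in the message above. The zone contents, server names, addresses and the dictionary layout are constructed assumptions, and "look it up in the usual way" is modeled as a table keyed by ".".

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Aname:
    canonname: str
    servername: str   # "." means: resolve canonname in the usual way
    rrtypes: tuple    # types for which the ANAME is handed back

# Constructed sample data: every name and address below is made up.
ORIGIN_ZONE = {
    ("example.com.", "ANAME"): Aname("web.cdn.example.", ".", ("A", "AAAA")),
    ("example.com.", "MX"): ["10 mail.example.com."],
    ("shop.example.com.", "ANAME"):
        Aname("shop.cdn.example.", "ns1.cdn.example.", ("A",)),
}
# What each upstream would answer; "." stands in for normal recursion.
UPSTREAM = {
    ".": {("web.cdn.example.", "A"): ["192.0.2.10"],
          ("web.cdn.example.", "AAAA"): ["2001:db8::10"]},
    "ns1.cdn.example.": {("shop.cdn.example.", "A"): ["198.51.100.7"]},
}

def authoritative_answer(zone, name, qtype):
    """Authoritative side: return the ANAME when qtype is one it lists."""
    aname = zone.get((name, "ANAME"))
    if aname and qtype in aname.rrtypes:
        return "ANAME", aname
    # Otherwise the real RRset, or an empty NOERROR answer if there is none.
    return "ANSWER", zone.get((name, qtype), [])

def cache_resolve(zone, upstream, name, qtype):
    """Cache side: on ANAME, fetch canonname/qtype from servername."""
    kind, data = authoritative_answer(zone, name, qtype)
    if kind != "ANAME":
        return data
    return upstream.get(data.servername, {}).get((data.canonname, qtype), [])

def zone_conflicts(zone):
    """Find real RRs of a listed type at an ANAME owner (the CNAME-like rule)."""
    return sorted((name, t) for (name, rtype), rec in zone.items()
                  if rtype == "ANAME" for t in rec.rrtypes if (name, t) in zone)

if __name__ == "__main__":
    for q in [("example.com.", "A"), ("example.com.", "MX"),
              ("shop.example.com.", "A"), ("shop.example.com.", "AAAA")]:
        print(q, cache_resolve(ORIGIN_ZONE, UPSTREAM, *q))
```

In this model the client gets its answer from the cache, which does the follow-up fetch itself; a zone loader could call `zone_conflicts` to refuse zones that break the coexistence rule.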
