Hi Mike,
On Aug 2, 2017, at 09:54, Mike West <mk...@google.com> wrote:
> What would you like to see in the document in order to address this concern?
> A requirement that a `localhost` zone be created and delegated as an insecure
> delegation, using some of the language from the draft above (e.g. "This
> delegation MUST NOT be signed, MUST NOT include a DS record, and MUST point
> to one or more black hole servers, for example 'blackhole-1.iana.org.' and
> 'blackhole-2.iana.org.'.")?
Any such delegation would be lame, and is a bad idea just for that reason.
There's no foolproof way to add or drop zones hosted on the whole AS112 server
ssystem due to the lack of coordination between AS112 node operators -- despite
the good communication between many such operators, there's no good way to tell
what nodes you don't know about.
If you really wanted to sink queries in the top-level domain LOCALHOST a better
approach would to use DNAME (see RFC 7535). But note that I'm not expressing an
opinion on whether that's a good idea, either philosophically or practically,
in this specific example.
Joe
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
