On 11/13/17, 13:30, "DNSOP on behalf of Evan Hunt" <[email protected] on behalf of [email protected]> wrote:
>Mark's idea to push updates to the parent instead of relying on polling used a >SRV query to identify the correct recipient of an UPDATE: > > ...draft-andrews-dnsop-update-parent-zones-04... This would mean then signing all the SRV sets, so I assume to preserve the benefits of "OPTOUT", you'd want these only for the names that had DS sets. For the others, I assume either no answer or the wildcard ... in the TLD. (That latter thought might be unsettling to some people.) What I mean is that there is still a scaling problem, in some dimension, to deal with because the DNS is inherently a "down-only" tree.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
