On 28 Oct 2023, at 03:44, Paul Wouters <[email protected]> wrote: >>> Scanners are, of course, inefficient, and notifications are a way to >>> improve that. I just think that as we are making comparisons, with >>> arguments whose strength is (in part) based on the number of queries >>> needed, we should get the order of magnitude right, to make the comparisons >>> as helpful as possible. That's all! :) >> >> Then, as usual, we’re in agreement. >> >> But to me, the place for analysis of scanner efficiency (or lack thereof) is >> in conjunction with the draft on generalised notifications and not here, as >> this draft explicitly is intended for the use cases where there is no >> scanner. :-) > > The Wheel of Time turns, and Ages come and pass, leaving memories that > become legend. Legend fades to myth, and even myth is long forgotten > when the Age that gave it birth comes again. In one Age, this discussion > was called "timers vs triggers". With no clear winner, nothing was done > and thus people were forced to implementer scanners (timers). I'm happy > to see notify (triggers) in some shape or form, although in previous > wars, people wanted the notify to go "elsewhere", eg not the primary > (or maybe not even secondary) servers as to leave the production name > servers untouched.
I think most of us are in agreement here. That’s sort of the core intent of draft-ietf-dnsop-generalized-notify. > Note that I dont think scanners can be fully omitted, as any sane parent > will do some sanity checks on its child and that's really just a scanner > without a "for domain in TLD" loop around it. I think this is also mostly agreed upon. Sanity check for sure. Whether that requires a scanner or not depends (in my view) on the trigger. For a NOTIFY a scan is obviously required to get the data to sanity check. For an UPDATE it can be argued both ways. Regards, Johan
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
