Hi all,

I agree with John here.

On 09.11.2023 at 11:11, John R Levine wrote:
> On Wed, 8 Nov 2023, Brian Dickson wrote:
>> The target for a NOTIFY would necessarily be found in the SOA record of the
>> registrant's zone, not the parent's zone. I think that's where the
>> confusion has arisen.
>
> There's definitely confusion here but I don't think it's mine.
>
> The child (registrant) puts a CDS record in its zone, and then it wants the parent (registry and/or registrar) to look at it and update the DS in the parent (typically TLD zone) so it needs to notify the parent to tell it to take a look. The child's SOA lists the child's own primary NS, not the parent's, so notifying itself won't help.
>
> Apropos Joe's message, the child could hypothetically try and send the NOTIFY to the parent SOA, e.g. a.gtld-servers.net for .com or .net. But those are clouds of anycast servers and even if you can get that to work, they belong to the registry while the notify needs to go to the registrar so it can update the registry via EPP.

Even if you don't want to notify the registrar, but want to notify the registry (because it's implementing CDS), the TLD's SOA record might still not help.

Take for example our TANGO Registry Services. We use ironDNS for the DNS part of our TLD. So the TLD's SOA record has information about the ironDNS name servers. However, the server doing the CDS scanning is part of the registry software TANGO (not the DNS infrastructure ironDNS). Therefore you need to know what endpoint of the registry you need to send the NOTIFY to. This would just be a service listening for NOTIFYs to re-initiate the scanning, but it's not a name server at all. Setting this endpoint in the TLD zone's SOA record as a pseudo primary name server does not seem to be a good approach. We would need a different way to specify the NOTIFY target.

Cheers,

Michael

--
____________________________________________________________________
     |       |
     | knipp |            Knipp  Medien und Kommunikation GmbH
      -------                    Technologiepark
                                 Martin-Schmeisser-Weg 9
                                 44227 Dortmund
                                 Germany

     Dipl.-Informatiker          Fon:    +49 231 9703-0
                                 Fax:    +49 231 9703-200
     Dr. Michael Bauland         SIP:    [email protected]
     Software Development        E-mail: [email protected]

                                 Register Court:
                                 Amtsgericht Dortmund, HRB 13728

                                 Chief Executive Officers:
                                 Dietmar Knipp, Elmar Knipp

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
