On Thu, 9 Nov 2023, Joe Abley wrote:
>> Apropos Joe's message, the child could hypothetically try and send the NOTIFY
>> to the parent SOA, e.g. a.gtld-servers.net for .com or .net. But those are
>> clouds of anycast servers and even if you can get that to work, they belong to
>> the registry while the notify needs to go to the registrar so it can update the
>> registry via EPP.
>
> I don't agree that it's impossible to use an anycast target for this, any more
> than it's impossible to distribute any service using anycast.

I don't think it's impossible either, but it's swatting a fly with a
motorcycle. As far as I know the anycast mirrors do not feed stuff in
realtime back to their primaries and this would be quite a change, not to
mention needing non-standard hacks to their DNS servers. (That's "reverse
anycast".)

> As far as communication with registrars goes, the registry operator is actually
> ideally placed to relay general messages to registrars. I'm not sure why this
> is being discounted. They already do so for other purposes.

At that other I* organization we were led to understand that registrars
get unhappy when the registry interacts directly with their customers. If
we can get the registrars and registries to go for it, registry forwarding
is fine with me, but I don't think it would be a good idea to specify it
unless we are confident that people are willing to do it.

Re stealth, the place you send the NOTIFY is in practice going to be a
server that just does the update stuff, not a public or stealth DNS
server.

Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop