http://www.ietf.org/internet-drafts/draft-ietf-dnsop-ipv6-dns-issues-06.txt
Section 1.3
Besides maintaining "at least one...IPv4", the section should also recommend making "at least one" available for IPv6 once v6 is available. I think that would even it out.
I'd also like to see some statement regarding what happens when IPv4 dies. (Okay, y'all can stop laughing now.) Maybe like "maintain v4 until there's a recommendation to retire it. This kind of issue (an exit strategy) seems to be quite often glossed over. It's not that I want to see an exit strategy, but to at least mention in the document that a reader 15 years from now ought to be planning for one, whether it comes or not.
But to draw a finer and more sane point, DNS really isn't about servers, it's about zones. I would recommend stating that each zone be made available authoritatively (master or slave) on each (v4, v6) transport.
Section 2.3
When you say "challenge" in the first paragraph, do you mean tedious or tricky?
I.e., is it just a pain because of the volume of octets or is it not straightforward?
Section 4.1
One pothole I stepped into falls roughly in this category. I have a name server running on a section of network that is IPv4 only. To bring the server's zones up on IPv6, I used another machine on a different section of network. The A record for the name pointed to one machine, the AAAA to the other. This works okay for DNS, but I had a problem when I did an "ssh" to the box. Instead of winding up at the A box, I was on the AAAA box. I nearly edited the wrong /etc/named.conf.
The recommendation is that, if you use service names in addition to host names, you only use the service names within the service mentioned. And - use the host name when ssh'ing.
Top of page 17 (second line), grammer error:
"However, when stronger form of security is used"
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis +1-703-227-9854 ARIN Research Engineer
If time travel were ever to be realized, public key crypto is toast. . dnsop resources:_____________________________________________________ web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
