Ted,

I'm agreeing with you that there are other uses for PTR records than a
misguided notion of security.

Every log file that tries to record host names becomes much more
readable if it is successful in recording host names than if it
records IP addresses.  In some cases for performance reasons the log
files have to record IP addresses, but that would not be expected to
be the case for home use.  It is even worse if the log files record IP
addresses and the person reading the logs has no reverse map.

The example cited by Michael in
http://www.ietf.org/mail-archive/web/homenet/current/msg01286.html is
a good one.  Particularly the "double use case" in that example.
Since a home user is not likely to know to consult DHCP logs or
dynamic (m?)DNS logs, that use case where the provider logs had DNS
names is a good example.

Curtis


In message <[email protected]>
Ted Lemon writes:


On Jul 30, 2012, at 4:59 PM, Michael Thomas wrote:
> Maybe I missed it, but why is lack of reverse map a problem, minus the
> security desire to show some weak control of the allocated prefix?

This is the wrong way to ask the question.   Let me restate it:

Is there some application for the reverse DNS, aside from the totally
useless "security" provided by matching the PTR with the AAAA?

The answer is yes.   There are a number of uses: peer-to-peer
rendezvous, a place to publish keys, debugging info are examples.
AFAIK there is no controversy about the fact that using the PTR
record as a confirmation that you are who you say you are is completely
useless and should not be done.


_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet
