Hi,
Here is a new version of the DHCP Options for Homenet Naming Architecture
<http://datatracker.ietf.org/doc/draft-mglt-homenet-naming-architecture-dhc-options/>.
DHCP Options are designed so the CPE can automatically outsource its
Authoritative DNS Service. [1]
We carefully considered the remarks of the DHCP WG in London for the design
of the options. We also considered the remarks we received in the Homenet
WG more especially:
- We removed TSIG for securing transaction between the CPE and the DNS
servers. Intead we used SIG(0)
- We considered AXFR and Master/Slave mechanisms to outsource the Zone
from the CPE to the DNS Server.
- We documented how outsourcing can be done on DNS owned/managed by the
ISP and by third party DNS providers.
The scope of the draft is designing DHCP Option to outsource a Zone from
the CPE to the some other DNS. As such we did not discussed:
- whether the zone shoudl be signed or not.
- how the DS record should be updated. This should be performed by the
DNS server hosting the zone, not (necessarily) the CPE.
- the cases of internal / external zones
This points have not been omitted and will be discussed in
draft-mglt-homenet-front-end-naming-delegation.
Feel free to make comments!
Daniel
[1]
http://datatracker.ietf.org/doc/draft-mglt-homenet-naming-architecture-dhc-options/
--
Daniel Migault
Orange Labs -- Security
+33 6 70 72 69 58
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet
