----- Original Message ----- From: "Eric A. Hall" <[EMAIL PROTECTED]> > Edmon Chung wrote: > > However, there is advantage for not having the nameservers do any > > ACEing. It should make the phasing out of ACE faster. > > What is your reasoning for this? > > Also, would you have the client perform all recovery operations, such as > retransmitting the original UTF-8 query once a problematic delegation > server had been gotten around? These will still result in caches being > updated but it will essentially result in each application implementing > its own full-service resolver.
The client app probably wont do any proactive recovery, but when the user initiates another query, it would try th UTF8 again, and fallback only if the request fails again. In the meantime, the cache server will have ready the ACE respond already. The cache resolver still performs its usual job, not the client app. The client app is only responsible for the fallback mechanism. The reason really for this proposal is to make sure that DNSSEC works within the architecture. If the resolver does any conversion, DNSSEC would have to be changed. But if the client falls back, the origination of the request as well as the authoritative response is not changed throughout the resolution path. Edmon
