Steven M. Bellovin writes:
> Except, of course, for caching.
That's not an exception. As I said, the client checks slightly less than
once per TTL.
How many addresses has your site's DNS cache looked up in the past week?
How many different ISPs are involved? One thousand? Ten thousand?
Client-side indirection means that you have to check every one of those
ISPs for changes. Server-side indirection means that you have to check
one ISP, namely yours, for changes. The frequency of checks per ISP is
somewhat higher for server-side than for client-side, but client-side
involves vastly more ISPs.
Bottom line: This is not a benefit for A6.
> Most people don't change the entire zone that often;
Here at UIC, for example, we have EECS splitting into CS and ECE. All
the machines in eecs.uic.edu are going to be given new names. Are you
saying that this trivial operation would pose serious CPU-time problems
if we were using DNSSEC?
Are there any other benefits for A6?
---Dan
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
