I agree with Elz that the following two steps would (1) eliminate the
reliability problems of out-of-bailiwick NS records (2) without allowing
caches to be poisoned:
1. Servers fetch glue, and provide glue in their responses, so that NS
is always accompanied by A: e.g., aol.net NS dns-01.ns.aol.com and
dns-01.ns.aol.com A 152.163.159.232.
2. Caches save the NS+A combination: aol.net NS+A 152.163.159.232.
They don't save the A record separately.
Of course, this is functionally identical to putting IP addresses into
NS records, which is exactly how the protocol should have been designed
in the first place.
---Dan
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
- Re: An easy example of A6 unreliability Robert Elz
- Re: An easy example of A6 unreliability D. J. Bernstein
- Re: An easy example of A6 unreliability Robert Elz
- Re: An easy example of A6 unreliability D. J. Bernstein
- Re: An easy example of A6 unreliability Matt Crawford
- Re:Proposed host and router requirements revision (... Robert Honore
- Re: An easy example of A6 unreliability Mark . Andrews
- Re: An easy example of A6 unreliability D. J. Bernstein
- Re: An easy example of A6 unreliability Ian Jackson
- Re: An easy example of A6 unreliability Brian E Carpenter
- Re: An easy example of A6 unreliability D. J. Bernstein
- Re: An easy example of A6 unreliability Robert Elz
- Re: An easy example of A6 unreliability D. J. Bernstein
- Re: An easy example of A6 unreliability Robert Elz
- Re: An easy example of A6 unreliability Ian Jackson
- Re: An easy example of A6 unreliability D. J. Bernstein
- Re: An easy example of A6 unreliability Ian Jackson
- Re: An easy example of A6 unreliability Ian Jackson
