> Another possibility is that a DNS server can look at the source address
> of the DNS request. If the source adress is an IPv6 site-local address,
> then the DNS server can include site-local addresses in its reply. If
> the source address is an IPv6 global address, or an IPv4 address, then
> the DNS server can filter out site-local addresses. This introduces the
> constraint that a site has to contain a DNS server to use site-local
> addresses. This technique could be used in conjunction with Erik's
> draft.
This runs into trouble with DNSsec since DNSsec signs RRsets.
Thus the DNS server would need a SIG for AAAA/A6 with site locals
and another SIG for AAAA/A6 without the site-locals.
Also, this has problem with recursive queries at least when the
recursing name server runs on a box that belongs to two different
site-local zones.
Erik
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
