In message <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wr i tes: >>>Require the DNS server at the edge of the site be authoritative for the >>>whole of fec0::/10 or blackhole the queries. >>> >>>(I don't think too many people would even want to register site-locals in >>>the _global_ reverse DNS, queriable by anyone -- remember, they're not to >>>be used globally, and reverses in and itself are already considered a >>>"security hazard" by some.) >>> >>>Let's not go down the path of putting site-locals anywhere near the global >>>ip6.arpa. >> >>Sure -- but to keep the load off the root, we need to be *very* sure >>that sites do pretend to be authoritative for them. > > will it help if we ship c.e.f.ip6.int/arpa zone files with BIND, > just like 1.0.0.127.in-addr.arpa?
Thinking about it a little more, there's a seriously obscene thing to do here: ship the config files with a * PTR record, resolving to something like "read.RFC.1918.for.these.addresses." -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
