<Skiped> > I agree that different opinions exist regarding the use of reverse DNS > lookup, the degree of its effectiveness etc. But it is undeniable > that it has been a useful checking in many cases. > And we should not overlook its merit: it got adopted quickly and > widely because it made use of an existing function.
The reverse DNS infrastructure is actually used as the id->locator mapping system in my RANGI proposal. We are now developing such a mapping system and will do an experiment on it latter. A brief introduction of the above mapping system is as follows: The hierarchical host identifier (HHI) consists of two parts: the leftmost part is Administrative Domain ID (AD ID), and the rightmost part is Local Host ID which is the hash of the AD ID and the public key owned by the host. The structured AD ID is used as a key in the reverse DNS infrastructure to locate the corresponding DHT ring (or a super server) which maintains mappings for the identifiers belonging to that Administration Domain, while the Local Host ID is used as a key in that corresponding DHT ring to locate the node which holds the mapping for that identifier. Hence, the mapping system has a reasonable business model and clear trust boundaries. A detailed example is given as follows: 1. A HHI will be transformed to a FQDN format string. Firstly, a HHI is expressed as "country-code.authority-code.region-code.local-host-ID" by inserting dots between adjacent fields, then it is transformed into a FQDN format string as "local-host-ID.region-code.authority-code.country-code". 2. The FQDN format string is used as a key in the reverse DNS infrastructure for ID->Locator resolution. 3. DHT can be optionally used to scale the bottom-level authoritative name servers if necessary, since the Local Host ID part of the HHI is a flat label. Best wishes, Xiaohu _______________________________________________ rrg mailing list [email protected] http://www.irtf.org/mailman/listinfo/rrg
