Dear all,
We submit a draft about "A DNS Query including A Main Question with
Accompanying Questions".
Any comments are welcome.
Thanks.
Jiankang Yao
From: internet-drafts
Date: 2016-04-28 15:50
To: XiaoDong Lee; Paul A. Vixie; Jiankang Yao; Paul Vixie; Xiaodong
Section 2.5. "Dynamically Generate PTR When Queried ('On the Fly')" was
originally written years ago. Some recent announcement from DNS vendors
generating and signing DNS records on the fly seem to be an existence proof
that this would actually work and the scalability concerns, certainly valid
On 28 April 2016 at 06:37, Edward Lewis wrote:
>
> Not sure if that answers the question fully. Hope it helps.
>
It helps, for sure. So if I understand you correctly, at the TLD level
it's 4:1 in favour of NSEC3, and all of those are opt-out.
I imagine that will change as the number of DS reco
Matthijs,
At 2016-04-26 10:11:13 +0200
Matthijs Mekking wrote:
> Late to the party, but FWIW: I also support adoption and am willing to
> discuss and review this work.
>
> Some comments:
>
> - Section 4.1 relaxes the restriction for resolvers from RFC 4035 to MAY
> do aggressive NSEC/NSEC3 usa
On Mon, Apr 25, 2016 at 4:50 PM, Tim Wicinski wrote:
> This starts a Working Group Last Call for draft-ietf-dnsop-isp-ip6rdns
>
> Current versions of the draft is available here:
>
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-isp-ip6rdns/
>
> Please review the draft and offer relevant com
On 4/27/16, 11:29, "DNSOP on behalf of Matthew Pounsett"
wrote:
>On 19 April 2016 at 08:13, Shane Kerr wrote:
>
>>Also, I'm not sure that it is fair to say "most zones are not signed
>>with NSEC". I guess most *TLD* are signed with NSEC3 either for zone
>>size reasons or in a (misguided IMHO) at
Matthew (and Shane),
>>>Also, I'm not sure that it is fair to say "most zones are not signed
>>>with NSEC". I guess most *TLD* are signed with NSEC3 either for zone
>>>size reasons or in a (misguided IMHO) attempt to keep the zone
>>>contents secret. But is this true for domains that are not
>
Matthew,
At 2016-04-27 08:29:46 -0700
Matthew Pounsett wrote:
> On 19 April 2016 at 08:13, Shane Kerr wrote:
>
> > Also, I'm not sure that it is fair to say "most zones are not signed
> > with NSEC". I guess most *TLD* are signed with NSEC3 either for zone
> > size reasons or in a (misguided I
