Re: new RRTYPEs, was DNSSEC architecture vs reality

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



It appears that Michael Thomas  <mike@xxxxxxxx> said:
>> But DNS itself shouldn't have to change to implement new RR types, 
>> more than (perhaps) adding a line to a table that says RR type NN has 
>> ASCII name XX and the following types of parameters. And that table 
>> should be globally and securely accessible. Encode the table in DNS 
>> somehow, put it in the root zone or other zone managed by the root, 
>> give it a very long TTL, and sign it with DNSSEC.

Hey, what a good idea.  Oh, look someone wrote it up as an I-D starting ten years ago:

https://datatracker.ietf.org/doc/draft-levine-dnsextlang/

And here's a python library to implement it with encoder, decoder, and
a dictionary of field types you can use to create and decode web forms:

https://pypi.org/project/dnsextlang/

For perl users, it's built into recent versions of Net::DNS.

>Uh, think the long tail of UI's. Even $megacorps use them. And they 
>don't look kindly to monkey patches either.

No kidding. You extend the UI once to use the extesion language to
create and parse forms for rrtypes, then fetch the rrtype descriptions from the
DNS. It really works, I use it in my own DNS provisioning crudware.

But as far as I can tell, nobody else does.

R's,
John




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux