On 18 Sep 2023, at 14:17, Keith Moore wrote: > I was thinking about what bugs me about trying to make SRV, or NAPTR+SRV, apply to all protocols. This is why some of us made URI RR Type... Patrik > In addition to this being merely a potentially disruptive, incompatible change, that doesn't take into account subtle differences in the way different protocols use ports, > it would also have a disruptive effect on internal network administration and politics of countless organizations. Specifically it would give enterprise top-level DNS administrators even more power than they have now, for better or (more often I suspect) for worse. > > (I'm still remembering a case in which company A divested company B from itself, and the new company B's marketing people decided to redo the company's web site, and told the IT people to replace ALL of the company's DNS records (including NS) with a new set of records, that wiped out every single web service that the company's products depended on working... And yes, the marketing people and the C*s who enabled them were incompetent beyond measure, but incompetence is part of the human condition. And how DNS needs to work is surprisingly subtle and invisible even to most computer people. And DNS as currently defined, or implemented by most service providers, arguably doesn't have the kind of access control that's needed for organizations in all of their complexity.)
Attachment:
signature.asc
Description: OpenPGP digital signature
