On Mon, May 02, 2011 at 01:08:38PM -0400, John Leslie wrote:
> As I read it, this says that certain DNS servers will be configured
> to _not_ return AAAA records to AAAA queries by default.

Yes, that's what the trick does.

> This strikes me as a really-strange transition mechanism.

Indeed. The draft is, IMO, a little too diplomatic to say it, but what this really comes down to is a boneheaded put-spackle-over-it answer to the problem of previous failed transition mechanisms.

There are eyeballs out there in front of screens. Those are the things the content providers want to reach. Some percentage of those eyeballs are looking at screens with bad or misconfigured IPv6 connectivity. But because they don't know that, they'll ask for AAAA records in their DNS lookups, because they think they have IPv6 connectivity.

What the "whitelisting" (scare quotes to address Dave's objection) trick does is refuse to answer those AAAA queries unless the operator of the answering server has positive evidence to believe that the AAAA query is coming from a well-run IPv6 network. If not, the AAAA is suppressed. This causes the AAAA lookups to fail, which causes the bits to flow via IPv4. The bits get to the eyeballs, and the content provider is happy.

That this is a completely unscalable answer to the problem that a tiny percentage of computers on the Internet are misconfigured is something the people pushing this "whitelisting" acknowledge. They're going to jump off that bridge when they get to it. Right now, there's hardly any IPv6 penetration, they say, so they can handle it.

I think that this sort of "whitelisting" is, to be blunt, short-sighted and foolish, but I think it is better to have a document that at least explains what it is. If we had a WCP series, I'd nominate this for inclusion.

A

-- 
Andrew Sullivan
ajs@xxxxxxxxxxxx
Shinkuro, Inc.
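
The mechanism described in the message above, as an added example that is not part of the original post or of the draft under discussion: a toy authoritative server that keys its AAAA answer on the querying resolver's address, plus the dual-stack client fallback that results. The zone data, the prefixes, the function names and the modeling of suppression as an empty NOERROR answer are all assumptions made for illustration.

```python
import ipaddress

# Constructed sample data (documentation prefixes, not real operators).
# The list holds resolver networks the operator believes have working IPv6.
WHITELIST = [ipaddress.ip_network(p)
             for p in ("192.0.2.0/24", "2001:db8:100::/48")]
ZONE = {"www.example.com.": {"A": ["198.51.100.10"],
                             "AAAA": ["2001:db8::10"]}}


def authoritative_answer(resolver_ip, qname, qtype):
    """Return (rcode, records) as a whitelisting authoritative server would.

    The decision uses the source address of the recursive resolver, so
    every client behind one resolver gets the same treatment.
    """
    rrsets = ZONE.get(qname)
    if rrsets is None:
        return "NXDOMAIN", []
    src = ipaddress.ip_address(resolver_ip)
    listed = any(src.version == net.version and src in net
                 for net in WHITELIST)
    if qtype == "AAAA" and not listed:
        # Assumption: suppression is modeled as NOERROR with an empty
        # answer section, i.e. the name exists but "has no AAAA".
        return "NOERROR", []
    return "NOERROR", list(rrsets.get(qtype, []))


def client_connect_target(resolver_ip, qname):
    """Dual-stack client behaviour: try AAAA first, fall back to A."""
    for qtype in ("AAAA", "A"):
        rcode, records = authoritative_answer(resolver_ip, qname, qtype)
        if rcode == "NOERROR" and records:
            return qtype, records[0]
    return None, None


if __name__ == "__main__":
    for resolver in ("192.0.2.53", "203.0.113.53", "2001:db8:100::53"):
        print(resolver, client_connect_target(resolver, "www.example.com."))
```

A resolver outside the list sees a name with no IPv6 address at all, so the same zone yields different answers depending on who asks, which matters when comparing DNS responses across vantage points.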