Re: DNS RRTYPEs, the difficulty with

In message <9452079D1A51524AA5749AD23E00392804C720@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxm>, "Murray S. Kucherawy" writes:
> > -----Original Message-----
> > From: ietf-bounces@xxxxxxxx [mailto:ietf-bounces@xxxxxxxx] On Behalf Of Doug Barton
> > Sent: Tuesday, February 28, 2012 2:24 PM
> > To: John Levine
> > Cc: ietf@xxxxxxxx
> > Subject: Re: DNS RRTYPEs, the difficulty with
> > 
> > Intelligent sysadmin: We need to deploy SPF
> > Boss: How does it work?
> > I: Well, eventually it will have its own DNS RR, but for now it works
> > with TXT records
> > B: Ok, put those TXT records in
> > <time passes>
> > I: It's now possible to use SPF RRs for SPF, so I need to make some
> > changes, do some testing, etc.
> > B: Are the TXT records working now?
> > I: Well yes, but ...
> > B: We have more important priorities that I need you to spend your time
> > on, leave the thing that's working alone.
> > 
> > Or, put more simply, your conclusion seems to be that we can never add
> > new RRs. Given that adding new RRs is crucial to the growth of the
> > Internet, I reject that conclusion completely.
> 
> Your scenario illustrated the problem nicely: People started SPF with
> TXT records because they were available and the road to a new RRType
> was seen as a steep one.  Once that was even a little bit deployed, it
> became practically irreversible.  The same happened with DKIM, and then
> VBR, and now it's basically common practice to use naming tricks to
> sidestep the RRType arguments.
> 
> I think the right endgame here is to make sure new RRTypes are
> accessible to those that want to have them.  This will remove the
> temptation to start with TXT and, ultimately, stay there.

They are there.  They were there when SPF was being developed.  They
were there when DKIM was being developed.  It's just the naysayers
won out.

Libresolv has supported unknown types for 25 years.  Other C libraries
support them.  dnspython supports them.  dnsjava supports them.  It
really isn't hard to get a length-tagged blob of data back to the
application.

Authoritative nameservers support them.  Recursive nameservers
support them and always have modulo bugs.

If your DNS hosting company doesn't support them, find another one
or complain to them.  You are paying them to host your DNS services
and this is a basic part of the job.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@xxxxxxx
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf