On 5/21/13 9:02 AM, Keith Moore wrote:
On 05/21/2013 11:57 AM, Joe Abley wrote:
On 2013-05-21, at 11:56, Keith Moore <moore@xxxxxxxxxxxxxxxxxxxx> wrote:
2119 language is intended to describe requirements of
standards-track documents. Informational documents cannot impose
requirements.
Then I think we've just identified a reason why this document should
be on the standards track.
Actually I think that what we need is a BCP that says that DNS is not
intended, not designed, and SHOULD NOT be used for dissemination of
any information that is not deemed acceptable for widespread public
distribution.
That basically rules out every internal split horizon use of DNS in
existence.
Scope matters for this application just as it does for any zone you
shouldn't be exposing to the outside world.
Neither the DNS protocol nor DNS implementations are designed to
meet the security requirements of such applications, and DNS is too
widely deployed to change that.
Keith