Joe Abley said:
"Apologies to all concerned if I'm rudely pointing out the elephant in the
living room. This is one of two separate specifications for DLV. The
describes an approach called "DNSSEC Lookaside Validation (DLV)" which
uses the same DLV resource record specified in RFC 4431. This
specification is implemented in BIND 9, as far as I know.
I haven't compared draft-weiler-dnssec-dlv-01 with the ISC tech note
closely, but since the text is different it seems likely that
implementations based on one would likely differ from those based on the
other, from different interpretations of the text if not from fundamental
differences in approach."
Thanks for pointing this out. As a matter of practical reality, a DNSSEC
implementer will probably opt for compatibility with BIND 9 without
compelling reasons to do otherwise. Therefore, I'd suggest that one of
the following actions needs to occur before publication of draft-weiler
would be advisable:
a. Review by the BIND 9 maintainers to determine whether existing
implementations are compatible with draft-weiler.
b. If incompatibilities are found, then agreement by the BIND 9
maintainers that they will make the changes necessary to upgrade to
Ietf mailing list