A DNSxL is a zone in the DNS[RFC1034][RFC1035]. The zone containing
resource records identifies hosts present in a blacklist or
whitelist. Hosts were originally encoded into DNSxL zones using a
A 'zone' is an administrative construct, rather than a queriable
user-visible semantic construct, such as a sub-tree. If 'zone' is in
fact correct, why? If not, then I suggest saying sub-tree.
In practice they're always zones, but I suppose subtree would be more
accurate.
If a range of addresses is listed in the DNSxL, the DNSxL MUST
contain an A record (or a pair of A and TXT records) for every
address in the DNSxL. Conversely, if an IP address is not listed in
Each address results in a different queriable domain name
<reverse-addre>.<service domain>, so I think the requirement is
deeper than just separate pseudo-A records: each must have its own
name (and, yes, each with its own A record underneath.)
Hmmn. I'll think about rewording it.
Any system manager that uses DNSxLs is entrusting part of his or her
his or her -> their
No.
R's,
John
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg