ietf-mxcomp

RE: Potential Work Item: New DNS resource records

2004-03-12 07:31:27


We're caught between a rock and a hard place over this.  On one side
we don't want to break existing functionality in DNS
(ahem*s*te-f*nd*r*ahem) but on another we can't wait for bureaucracy
to catch up (ahem*dnssec*ahem).

No existing functionality is broken if you use the prefix
mechanism. SRV already does this.

The bureaucracy never catches up, it simply says no. 


I'm going to ignore the wildcard matter because I agree that wildcard
abuse is a problem and I'd be happy to avoid them altogether.

Synthetic wildcards work fine. There is no reason that the
wildcard has to be cacheable in this application.

Sure a query for TXT could return more than one TXT record but only
one record, in theory, contains the property we'd be looking for.
Consider:

$ORIGIN example.com.
@     TXT     "property of example.com incorporated"
@     TXT     "antispamproperty=foo,bar,baz"
@     TXT     "otherprotocolproperty=something,else,entirely"

Go ahead DNS people: cringe.  I feel your pain.

Hence my proposal to use _prefix. It provides exactly the same
degree of extensibility and scalability as defining new RRs
does.

We can view an RR as defining the syntax for the corresponding
data.

With this in mind, I'd be glad to invent something that represents
"antispamproperty=foo,bar,baz" and ask DNS vendors to support
arbitrary record types as that's apparently easier than asking the DNS
WG to tolerate record type abuse.

Ignoring the DNS WG is the best, most satisfactory and easiest
route. By the time the proposal reaches the comment from other
groups stage the water will have flowed way past their bridge.

They are the folk who said 'it does not matter if DNSSEC is not
deployable in .com, the solution is to reduce the size of .com'.

There is a legitimate, principled architecture behind the prefix
proposal. 

[1] BIND 9 supports Active Directory because it supports dynamic DNS
updates. All I'd have to do is change the AD-integrated zones to
standard zones, install BIND 9 for NT and tell it to use the zones
MSDNS exported.  Stubborn vendor's DNS replaced and new record types
supported with little pain.

No deal, I will take a vendor, any vendor over the DNS WG any day.

The vendors can drive deployment. The DNS WG will only crash the
car.

                Phill
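
Added example, not part of the original message: a comparison of the shared apex TXT lookup shown in the zone fragment above with the _prefix lookup the reply argues for, run against a constructed zone. The `_antispam` label, the record it holds and all function names are assumptions made for illustration; the message names no specific prefix.

```python
# Added illustration; the "_antispam" label and helper names are hypothetical.

# Constructed zone: the three apex records from the message plus one
# prefixed record carrying the same policy data.
ZONE_TEXT = '''
$ORIGIN example.com.
@           TXT  "property of example.com incorporated"
@           TXT  "antispamproperty=foo,bar,baz"
@           TXT  "otherprotocolproperty=something,else,entirely"
_antispam   TXT  "foo,bar,baz"
'''

def parse_zone(text):
    """Parse the minimal zone syntax used above into {owner_fqdn: [txt, ...]}."""
    origin, zone = "", {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1].lower()
            continue
        owner, rrtype, rdata = line.split(None, 2)
        if rrtype.upper() != "TXT":
            continue
        fqdn = origin if owner == "@" else f"{owner.lower()}.{origin}"
        zone.setdefault(fqdn, []).append(rdata.strip().strip('"'))
    return zone

def query_txt(zone, name):
    """Return the whole TXT RRset at a name, as a resolver would."""
    return list(zone.get(name.lower(), []))

def policy_from_apex(zone, domain, key="antispamproperty"):
    """Shared-apex scheme: fetch every TXT record, then pick ours by key."""
    rrset = query_txt(zone, domain)
    matches = [t.split("=", 1)[1] for t in rrset if t.startswith(key + "=")]
    if len(matches) > 1:
        raise ValueError("ambiguous: more than one matching TXT record")
    return (matches[0].split(",") if matches else None), len(rrset)

def policy_from_prefix(zone, domain, label="_antispam"):
    """Prefix scheme: the owner name selects the application, no filtering."""
    rrset = query_txt(zone, f"{label}.{domain}")
    if len(rrset) > 1:
        raise ValueError("ambiguous: more than one record at prefixed name")
    return (rrset[0].split(",") if rrset else None), len(rrset)
```

Each function returns the parsed policy together with the number of TXT records the lookup had to fetch, so the two schemes can be compared on both result and RRset size.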