ietf-mxcomp

Re: Reuse of TXT : draft-ymbk-dns-choices-00.txt

2004-05-17 16:01:07

At 7:40 AM -0700 05/17/2004, Dave Crocker wrote:
Patrik,


PF> As input to the discussion, I am working on a document regarding adding
PF> data to DNS for new applications

excellent!


PF>   Therefore, deployment of a MARID record must also
PF> consider the near-future deployment of DNSSEC.

On the one hand, it seems clear that the spam hackers will increase
the level of attacks on the DNS, as you suggest.

On the other hand, it's not clear to me what it means for the Marid
effort to "consider the near-future deployment of DNSSEC". I cannot
readily think of what Marid could or should do differentially.

Those interested may wish to read draft-ietf-dnsext-dnssec-intro-10.txt,
which provides an introduction to the current DNSSEC specs
and includes some issues which may be salient.   The larger
message sizes which result from its use is certainly one
issue that might impact choice of syntax, as is the mandate
that EDNS0 be supported to deal with those larger message
sizes.  The relationship between the validity period of
signatures and the TTL of the records is another (anything
using DNSSEC cannot be a "store it and forget it" operation,
since the signatures must periodically be brought up to date; this
may impact deployment considerations in a number of ways).
Another issue (mainly dealt with in draft-ietf-dnsext-dnssec-protocol-06.txt)
is how wildcards are handled in DNSSEC; this, again, might impact
where the group decides to store MARID's RR in the zone.

Speaking personally,
                        regards,
                                Ted Hardie
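
The two operational points raised in the message above (signature validity versus TTL, and wildcard handling) can both be read off an RRSIG record. The following is an added example, not part of the original message: it parses RRSIG records in standard presentation format and flags signatures that a cached record could outlive, signatures due for re-signing, and answers synthesized from a wildcard (RRSIG labels field smaller than the owner name's label count). The sample records, the function names and the 7-day re-sign margin are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed RRSIG records in presentation format (signature field is a dummy value).
SAMPLE = [
    "example.com. 3600 IN RRSIG TXT 5 2 3600 20040615000000 20040516000000 12345 example.com. ZHVtbXk=",
    "mail.example.com. 86400 IN RRSIG TXT 5 2 86400 20040518000000 20040418000000 12345 example.com. ZHVtbXk=",
    "example.com. 3600 IN RRSIG MX 5 2 3600 20040520000000 20040420000000 12345 example.com. ZHVtbXk=",
]

def parse_ts(s):
    """RRSIG timestamps in presentation format are YYYYMMDDHHmmSS, UTC."""
    return datetime.strptime(s, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)

def check_rrsig(line, now, resign_margin=timedelta(days=7)):
    """Return a list of findings for one RRSIG line at time `now`."""
    # Fields: owner ttl class RRSIG covered alg labels orig_ttl expiration inception tag signer sig
    f = line.split()
    owner = f[0]
    labels, orig_ttl = int(f[6]), int(f[7])
    expiration, inception = parse_ts(f[8]), parse_ts(f[9])
    findings = []
    remaining = expiration - now
    if now < inception:
        findings.append("not-yet-valid")
    elif remaining <= timedelta(0):
        findings.append("expired")
    elif remaining < timedelta(seconds=orig_ttl):
        # A cache honouring the original TTL could hold the data past signature expiry.
        findings.append("ttl-outlives-signature")
    elif remaining < resign_margin:
        # Assumed policy: re-sign when less than `resign_margin` of validity is left.
        findings.append("resign-due")
    # The labels field counts neither the root label nor a leading "*" label.
    owner_labels = [l for l in owner.rstrip(".").split(".") if l and l != "*"]
    if labels < len(owner_labels):
        findings.append("wildcard-expanded")
    return findings

if __name__ == "__main__":
    now = datetime(2004, 5, 17, 16, 1, 7, tzinfo=timezone.utc)
    for rec in SAMPLE:
        print(rec.split()[0], rec.split()[4], check_rrsig(rec, now))
```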