At 17:25 -0400 5/25/04, John R Levine wrote:
> I suspect the DNS crowd would be phenomenally unsympathetic to that. I
> run a variety of quirky DNS servers here, from rbldns and rbldnsd to some
> homegrown perl code that serves up the abuse.net database as a DNS zone,
> but there's a large camp that says that if you can't AXFR it as a BIND
> format zone file, it's not DNS. Realistically, if BIND 8 can't serve it,
> it's not going to fly.

BIND is an implementation, DNS is a protocol. Zone transfers are
part of the DNS protocol. BIND is compliant with that.

I wish folks would remove statements like "DNS crowd" and
"unsympathetic." There are engineers whose attention is the DNS
protocol but it isn't a "us vs. them" distinction. The reason I am
giving what time I can to the effort is that I want there to be a
successful outcome of the MARID WG (success = a protocol that stems
problems) and the one angle I am working is that if the outcome is a
protocol that doesn't work well with the DNS protocol, the outcome
won't be a success. It's not about gaining a rubber stamp of
approval from a "DNS crowd" but about engineering a solution that is
completely complementary with the existing environment.

The "DNS crowd" exhibits, like any other group of human beings, a lot
of emotion. Any "unsympathetic" comments you may hear are born of
an abstract notion of the intended architecture of the DNS filtered
through a less than adequate ability to express abstract notions in
words. Complicating this, folks like me are fairly overcommitted
(limiting time spent composing thoughts in words) and are looking at
more than one instance of someone extending what's in DNS. (E.g., my
absence from the list in the last week was because I also attended a
DNSSEC meeting and gave a presentation of the adoption of IPv6 in my
day job. I say this not for sympathy but as an apology for not
being more available earlier in the week.)

> Proposed microhack: if you can't resolve _marid.phoo.example.com, try
> _marid.*.example.com. This only handles one level of wildcard, but has
> the advantage of being easy to code and working even on DNS clients that
> don't give you all the ancillary data that you might want.

Please understand this: _marid.*.example.com. is an invalid name per
the original DNS specifications. It's not that the "DNS crowd"
doesn't like it, it is forbidden in the original design - meaning
that there's no guarantee any use of it is interoperable even if some
implementation "permits" its use.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-703-227-9854
ARIN Research Engineer
Even the voices inside my head are refusing to talk to me anymore.
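
Added example, not part of the original message or of any MARID draft: a small Python check that separates names whose only `*` label is the leftmost one (the wildcard owner form of RFC 1034) from names carrying a `*` label elsewhere, such as the `_marid.*.example.com` form discussed above. The function names and result strings are assumptions of this example, and names are assumed to contain no backslash escapes.

```python
MAX_LABEL = 63   # octets per label (RFC 1035)
MAX_NAME = 255   # octets per name in wire format (RFC 1035)

def split_labels(name):
    """Split a presentation-format name into labels and enforce size limits."""
    if name.endswith("."):
        name = name[:-1]              # drop the root dot of an absolute name
    labels = name.split(".")
    wire_len = 1                      # the terminating root label
    for label in labels:
        size = len(label.encode("ascii"))
        if size == 0 or size > MAX_LABEL:
            raise ValueError(f"bad label length in {name!r}")
        wire_len += 1 + size          # length octet plus the label octets
    if wire_len > MAX_NAME:
        raise ValueError(f"name too long: {name!r}")
    return labels

def classify(name):
    """Return 'plain', 'wildcard-owner' or 'interior-asterisk' (labels of this example)."""
    labels = split_labels(name)
    stars = [i for i, label in enumerate(labels) if label == "*"]
    if not stars:
        return "plain"
    if stars == [0]:
        return "wildcard-owner"       # "*" is the leftmost label and the only one
    return "interior-asterisk"        # a "*" label somewhere other than leftmost

def flag_interior(names):
    """Names that a lookup routine or zone linter should refuse to rely on."""
    return [n for n in names if classify(n) == "interior-asterisk"]

# Constructed sample names, taken from the forms mentioned in the thread.
SAMPLE = [
    "_marid.phoo.example.com",
    "_marid.*.example.com.",
    "*.example.com",
]

if __name__ == "__main__":
    for n in SAMPLE:
        print(f"{n:28} {classify(n)}")
```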