
Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)

2008-11-16 14:29:04
* Mark Andrews:

In message <87skpt279z.fsf@mid.deneb.enyo.de>,
Florian Weimer writes:
* Stephane Bortzmeyer:

Second question, the document indeed standardizes many things which
are not in common use but does not point towards a rationale, so some
choices are puzzling. Why TXT records to point to a URL and not
NAPTR? Is this because of current usage in DNSxL? If so, this should
be noted. But why do IPv6 lists use an A record and not an AAAA? I am not
aware of existing IPv6 lists, so this cannot be the current usage?

The lack of a macro capability also means that it's basically
impossible to secure DNSBL zones with DNSSEC when they contain larger
chunks of address space; see the example in section 2.1.

      How so?

The expectation is that error messages generated from TXT records
contain the actual IP addresses which triggered the DNSBL lookups.  As
a result, if you list a /16 (say), you need to publish 65,536 different
TXT records.

Currently, these records are synthesized using a macro capability in
the DNS server.
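To make the scaling point above concrete, here is an added example (not code from the thread or from the draft) that builds DNSxL query names the way the draft encodes them (IPv4 octets reversed, IPv6 as 32 reversed hex nibbles), recovers the address from a query name, and synthesizes the per-address TXT text from a template; the zone `dnsbl.example` and the URL template are constructed for the example.

```python
import ipaddress

def dnsbl_query_name(addr, zone):
    """Query name for addr under a DNSxL zone: reversed octets for IPv4,
    32 reversed hex nibbles for IPv6 (the draft's encoding)."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        labels = reversed(str(ip).split("."))
    else:
        labels = reversed(ip.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone

def address_from_query_name(qname, zone):
    """Inverse of dnsbl_query_name: the listed address a query name encodes.
    Hypothetical helper, the kind of decoding a synthesizing server does."""
    suffix = "." + zone
    if not qname.endswith(suffix):
        raise ValueError("query name %r is not under zone %r" % (qname, zone))
    labels = qname[: -len(suffix)].split(".")
    if len(labels) == 4:
        return str(ipaddress.ip_address(".".join(reversed(labels))))
    if len(labels) == 32:
        hexstr = "".join(reversed(labels))
        groups = [hexstr[i:i + 4] for i in range(0, 32, 4)]
        return str(ipaddress.ip_address(":".join(groups)))
    raise ValueError("unexpected label count %d" % len(labels))

# Constructed TXT template: the listing reason must name the address queried.
TXT_TEMPLATE = "Listed; see http://dnsbl.example/lookup?ip={ip}"

def synthesize_txt(qname, zone, template=TXT_TEMPLATE):
    """Macro-style synthesis: derive the TXT text from the query name itself,
    so one rule serves every address in a listed range."""
    return template.format(ip=address_from_query_name(qname, zone))

def static_txt_record_count(network):
    """Records a zone must carry if every address in the listed range gets
    its own pre-built TXT record (what signing with DNSSEC would require)."""
    return ipaddress.ip_network(network, strict=False).num_addresses

if __name__ == "__main__":
    q = dnsbl_query_name("192.0.2.1", "dnsbl.example")
    print(q, "->", synthesize_txt(q, "dnsbl.example"))
    print("static records for a /16:", static_txt_record_count("192.0.0.0/16"))
```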
