
Re: DNS RRTYPEs, the difficulty with

2012-02-28 17:43:12
On Tuesday, February 28, 2012 02:23:30 PM Doug Barton wrote:
> On 2/27/2012 5:56 PM, John Levine wrote:
>> The problem is provisioning software.  We weenies can stuff anything
>> into our DNS servers we want, because we use vi and emacs and (in my
>> case) custom perl scripts.  For the other 99.5% of the world, what
>> they can put in their DNS zones is limited to whatever the web
>> provisioning software at their registrar or ISP or web host supports,
>> and I challenge you to find any that supports SPF records.
>
> I have been both the author and a consumer of the types of interfaces
> that you're describing, and I had a very peripheral role in the work to
> evangelize interface support for new TLDs, IPv6, and DNSSEC; so I'm
> familiar with the issue. My experience with these issues tells me that
> when there is demand to support a new RRtype, it will be supported.
>
> So, once again, we need to learn from the mistakes that were made with
> SPF. Here is how life goes in most busy enterprise environments:
>
> Intelligent sysadmin: We need to deploy SPF
> Boss: How does it work?
> I: Well, eventually it will have its own DNS RR, but for now it works
> with TXT records
> B: Ok, put those TXT records in
> <time passes>
> I: It's now possible to use SPF RRs for SPF, so I need to make some
> changes, do some testing, etc.
> B: Are the TXT records working now?
> I: Well yes, but ...
> B: We have more important priorities that I need you to spend your time
> on, leave the thing that's working alone.
>
> Or, put more simply, your conclusion seems to be that we can never add
> new RRs. Given that adding new RRs is crucial to the growth of the
> Internet, I reject that conclusion completely.

Here is a suggestion for those who are convinced using a new RR type in 
getting a new protocol deployed is now trivially easy and people who don't 
want to do it are lazy/whiners/ignorant/whatever:

A few weeks ago a new effort was announced in the mail authentication space 
called DMARC (see dmarc.org).  It's a brand new protocol that so far has 
minimal deployment.  It currently uses an underscored TXT subdomain, but it 
should be an ideal candidate for a new RR.

Why don't you volunteer to help them navigate through what needs to be done to 
succeed in getting deployment with a new RR type?  If you can manage it, 
that'll be the existence proof that it can be done.

Scott K