Re: draft-ietf-dnsext-apl-rr-01.txt

["Eric A. Hall" <ehall@ehsco.com>]

> Question: You want to know the phone number of "Eva Fr=F6lich". What
> LDAP database do you search in?

This is a problem for every federated namespace. BUT just because the
problem is the same for all of them does not mean that you might as well
use DNS. DNS has many other problems in addition to this one which make it
even more unsuitable, not equally unsuitable.

> So, as LDAP only handle the same kind of lookups as DNS (hierarichal
> when you happen to know the global unique identifier), is slower and
> doesn't have root servers in the world, people look instead at DNS as
> it works.

Tell me how you will index partial elements of a value in DNS? If I want
to find all of the email addresses which contain "ehsco.com" how do I
search for this? How do I setup the backend? This specific functionality
is not defined nor is it even feasible with DNS. It is well suited to LDAP
however.

Second: how do you define per-RR ACLs in DNS? If I want to publish my work
phone to all anonymous agents, my cell phone to fellow employees, and my
home/emergency info to my family, how do I do this in DNS? Once again, the
specs don't allow for it and no servers support it, and the protocol
probably could not handle it without being morphed into an entirely new
protocol.

DNS is a crap directory.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/


to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.