Re: draft-ietf-dnsext-apl-rr-01.txt
I forgot to add one item to my comments.
One problem I have with adding any new RR type to DNS is the core
software (server and client), and across all vendors, must be modified
to incorporate the new type whereas with LDAP you simply (YMMV) add a
new schema and plug in data. In the case of DNS, you are introducing
software complexity and error to a critical operating component of the
Internet, worsened if you are relying on DNSsec. With LDAP, you are
not.
As you point out, the problem of finding a given piece of information
whether you are using DNS or LDAP is pretty much the same. However, it
is common practice to include a quasi-URL in a DN, such as
ou=www.verisign.com/RPA often found in Verisign certificates (the
"ou=" makes no sense to me). With this information one knows the DN,
the server to talk to, and hopefully the question to ask. :) I am not
saying such an approach is wonderful or even real-world, however it at
least makes a plausible case to dump trash into LDAP rather than DNS.
Is "Eva Frölich" a real person?