[dns-operations] Karl Auerbach on adding 'millions' more TLD - what do folks think about the operational impact?
Patrik Fältström
patrik at frobbit.se
Tue Jan 9 07:00:47 UTC 2007
On 9 jan 2007, at 07.19, Mark Andrews wrote:
>> It is definitely not clear the solution will be "aliases" in the root
>> zone when creating IDN versions of TLDs. Strong lobbying say that a
>> local language version of for example .COM is to be run by a registry
>> different from Verisign. This lobbying (that mostly is after becoming
>> this registry for monetary reasons) of course uses technical
>> arguments like "DNS people say DNAME is not possible to use in the
>> root" etc.
>
> Which is of course complete hog wash. The only requirement is
> that all the root servers support DNAME. If you have DNSSEC
> support that implies DNAME support.
That was my point. On the other hand, Applications people (like
myself) that work with directory services and similar see risk for
data corruption issues and extremely hard to debug chasing of RRs if
the DNAME has a target outside the zone the record resides in. I.e.
if the DNAME reference a record in the same zone the DNAME resides
in, one is safe for these kind of problems. If not, one can end up in
situations that should be studied a bit more.
paf
More information about the dns-operations
mailing list