[dns-operations] Reporting glue as authoritive data -- Bug!

Mark Andrews Mark_Andrews at isc.org
Fri Feb 1 02:46:16 UTC 2008

> On Fri, 01 Feb 2008, Mark Andrews wrote:
> > 	COM/NET introduces extra problems because they can support
> > 	delegations that require glue outside of the individual
> > 	TLD (COM or NET).
> > 
> > 	Other TLDs don't support such delegations, the most they
> > 	support is delegations that require sibling glue.  Attempts
> > 	to setup delegations that require external glue fail.
> > 
> > 	Changing COM and NET's glue acceptance policy to only publish
> > 	glue for nameservers which are within the the relevent zone
> > 	would bring them into line with all other TLDs.
> I cannot parse this.  What are you trying to say?  Could you please
> give an example?

	This sort delegation will work with COM and NET.  If you
	change NET to IT and COM to DE, for example, it wouldn't


	It only works because the glue is being promoted to answer
	and the glue is available because COM and NET have common

	Now if NS.EXAMPLE.COM is not a server for any other delegation
	in COM the glue record should be rejected.  Similarly for

	To the best of my knowledge you will accept the glue record
	for NS.EXAMPLE.COM even if there is not a delegation in COM
	that uses NS.EXAMPLE.COM.  Similarly for NS.EXAMPLE.NET.

	I'd like to be proven wrong as that would put you on a even
	footing with all other TLDs.
> Matt
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the dns-operations mailing list