[dns-operations] Validation direction (Was: Re: Org Dnskey TTL)

Joe Abley jabley at hopcount.ca
Tue Apr 20 14:14:53 UTC 2010

On 2010-04-20, at 10:07, Phil Regnauld wrote:

> 	Is there some inherent advantage to doing bottom-up validation ?
> 	I can understand why one would want to do top-down: at first thought,
> 	there is less back-and-forth that needs to be done, as one can pick up
> 	(NS, DS+RRSIG), and (NS+RRSIG, DNSKEY+RRSIG) -- if querying ANY with DO,
> 	that is.  Otherwise, I guess it's the same amount of work ?  Maybe less
> 	state to keep in one mode vs the other.

Top-down seems like it would present far less latency to recursive clients, especially in the case where DNSKEY RRSets are opportunistically fetched and cached during regular top-down resolution.

It had not actually occurred to me that anybody would think bottom-up was a good idea.


More information about the dns-operations mailing list