[dns-operations] Validation direction (Was: Re: Org Dnskey TTL)
Joe Abley
jabley at hopcount.ca
Tue Apr 20 14:14:53 UTC 2010
On 2010-04-20, at 10:07, Phil Regnauld wrote:
> Is there some inherent advantage to doing bottom-up validation ?
> I can understand why one would want to do top-down: at first thought,
> there is less back-and-forth that needs to be done, as one can pick up
> (NS, DS+RRSIG), and (NS+RRSIG, DNSKEY+RRSIG) -- if querying ANY with DO,
> that is. Otherwise, I guess it's the same amount of work ? Maybe less
> state to keep in one mode vs the other.
Top-down seems like it would present far less latency to recursive clients, especially in the case where DNSKEY RRSets are opportunistically fetched and cached during regular top-down resolution.
It had not actually occurred to me that anybody would think bottom-up was a good idea.
Joe
More information about the dns-operations
mailing list