[dns-operations] IPv6 & IPv4 addresses

George Barwood george.barwood at blueyonder.co.uk
Thu Mar 17 18:40:40 UTC 2011


> ...and then all we have to do is change (all of) the deployed 
> software to make the problem go away.
> 

Well updating DNS servers is a relatively easy thing to do.
And it's just a backwards-compatible optimisation.

One last thought: the TTL of NSEC/NSEC3 records currently seems to have no meaning.

I think resolvers could be allowed to assume the NSEC TTL can be used as the negative caching TTL,
thus it would normally be equal to the SOA "MINIMUM" value.

That would avoid the need to send a SOA record in addition.

But... I just doubt any of this is going to happen. It's not a big enough problem
for volunteers at the IETF to devote the amount of time to it that would be needed.
There would be a lot of discussion about whether it was safe, desirable, etc.
I guess implementors could do it unilaterally, but that also seems unlikely.


More information about the dns-operations mailing list