[dns-wg] rev delegation robot and selection of NS to pull zone from
- Previous message (by thread): [dns-wg] Re: rev delegation robot and selection of NS to pull zone from
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Niall O'Reilly
Niall.oReilly at ucd.ie
Fri Nov 21 11:49:14 CET 2008
On Thu, 2008-11-20 at 14:02 +0000, Wilfried Woeber, UniVie/ACOnet wrote: > So - this may just be a glitch in the alerting script, but I am still > left with the question: how does the robot at the NCC's end determine > the "appropriate" host to try zone transfers from? > > Any recommendations? IMHO ... This is a system-administrative matter to be agreed between the zone administrator and the slave operator. Zone data is not zone metadata. Blurring the distinction can only lead to unintended consequences. If a robot is involved, there needs to be an out-of-zone channel from the zone administrator to the robot. Peter's suggestion of using a new attribute in the database to serve this purpose makes sense to me. A similar, but more sensitive, issue arises with shared secrets for TSIGs. ATB, Niall
- Previous message (by thread): [dns-wg] Re: rev delegation robot and selection of NS to pull zone from
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]