Re: [dns-wg] RIPE's MNAME recommendation

[=?UTF-8?Q?M=C3=A5ns_Nilsson?= <]

--On den 3 oktober 2005 17.10.53 +0200 Peter Koch pk@localhost wrote:
 
>> In the interest of sanity, I'd suggest adding "should answer queries
>> about said domain with the AA bit set" (in addition to
>> swallowing/properly rejecting/processing updates and allowing/properly
>> refusing zone transfers). That is the The Right Thing to do, IMHO, 
 
> There's no RFC that would support this as far as I can see. At least
> there's no RFC that suggests that the server named in MNAME act as an
> additional resource to what is already in the NS RRSet.

1035 says: 

MNAME           The <domain-name> of the name server that was the
                original or primary source of data for this zone.

I think this is supportive of the idea that questions about the zone SHOULD
be answered, and that AA bit SHOULD be set. 

> So, my suggestion is to adjust the MNAME text in a way that keeps the
> original spirit but explicitly says that the name in MNAME 
> 
> 1) must resolve to an A RR(Set) 
> 2) the address (or, to complicate matters, addresses) must be the public
>    address of the (hidden/stealth) primary master

...and thus as per above SHOULD do dns? I think there is support in the
text for that.
 
> Please remember that RIPE-203 does not try to be an exhaustive (even less
> so normative) explanation for all the SOA RR's parameters for most any
> situation. It aims at a rather large subset (maybe in the 70-80%) of
> zones which can live well with these defaults.

Understood. 

-- 
MÃ¥ns Nilsson                    Systems Specialist
+46 70 681 7204   cell                      KTHNOC
+46 8 790 6518  office                 MN1334-RIPE

Attachment: pgp00006.pgp
Description: PGP signature