On Thu, 12 Jun 2008 14:54:32 +0200, Niall O'Reilly <[EMAIL PROTECTED]> wrote:
> > On 12 Jun 2008, at 12:25, Gervase Markham wrote: > >> The second question is one of resources and client complexity. I am >> meeting resistance to the idea of having the existing list regularly >> dynamically downloaded, which would be the simplest method of >> providing >> more frequent updates than the six-to-eight week Firefox security >> releases. An assemble-and-cache-the-data-from-DNS scheme would be an >> order of magnitude more complex. > > I'm not sure why you would need to assemble anything. > Couldn't you seize the data you need, on demand, from > the DNS (and cache at will). DNS, or full DNS, is not always available. There are at least two scenarios where this is the case: - Behind (very) closed firewalls, where all access go through a HTTP-only proxy. No DNS for external addresses is available. For that matter, when going through a proxy you have no way of knowing if the DNS available to you know anything about the address space you are accessing through the proxy. - On a number of systems, in particular phone devices, the application does not even have access to DNS to do a name lookup, it must specify the hostname, and try to connect. Additionally, a DNS-only solution would mean implementing a DNS client inside the application, since AFAICT the platform socket APIs usually do not provide the necessary functionality needed to access non-IPaddress data. While I am not opposed to the data being available in DNS, there must be a simple way to collect and provide it to clients efficiently and for any use case, while reducing privacy issues (which a batch of data for a given TLD will solve neatly), and with respect to HTTP clients, HTTP is the only method we can rely on, and it will also be available to many specialized applications that use HTTP, perhaps through some library. -- Sincerely, Yngve N. Pettersen ******************************************************************** Senior Developer Email: [EMAIL PROTECTED] Opera Software ASA http://www.opera.com/ Phone: +47 24 16 42 60 Fax: +47 24 16 40 01 ******************************************************************** _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop