On Mon, Jul 20, 2015 at 10:41:08AM -0400, James Cloos wrote:
> They should be at the same place even though multiple lookups are likely
> to be required anyway -- not everything will fully support an ANY query.
>
> And I renew my (previously ignored) suggestion that they, along with
> tlsa records for client certs where the cn or other lookup -- such as
> a sip url or the like -- has an @ in it -- be under _at.
>
> Mapping @ to _at makes it easy to remember and easy to read.
Mnemonic value notwithstanding, the main advantage of _at is that
that it is *short*. So if the namespaces are unified (segregated
only by RRtype not qname), then "_at", seems like a sensible choice
of generic empty non-terminal.
In terms of query efficiency, if there are any MUAs out there that
support both OpenPGP and SMIME, and try to find either set of keys,
then a common qname that yields NXDOMAIN is likely to cached by
the iterative resolver just long enough to save a full round-trip
just to find out that neither set of keys exists.
--
Viktor.
_______________________________________________
dane mailing list
dane@ietf.org
https://www.ietf.org/mailman/listinfo/dane
