At the WG meeting in Beijing, the somewhat inconclusive discussion on a nameserver control protocol was ended by the suggestion that the authors of the two drafts discussed should write a short piece discussing the pros and cons of their proposals and post it to the list. This is that piece for draft-dickinson-dnsop-nameserver-control.
Pros 1) A standard data model This was one of the requirements identified in draft-ietf-nameserver-management-reqs and is the core of NSCP. If a sufficiently complete model covering a reasonable number of nameservers can be identified, it will be possible for even basic clients to perform a useful set of functions. 2) Use of a standard protocol Use of NETCONF provides the necessary protocol superstructure to support remote management of nameservers. Amongst other things it provides: * Persistent connections * Secure authentication * Basic set of commands for listing and manipulating elements in the server * Means of matching commands and responses * Reporting of errors * Ability to define new commands * Concurrent access to a server by multiple clients: locking is supported and an access control model allowing different clients to access different parts of the server is under development * A defined extension mechanism, allowing seamless incorporation of both protocol and vendor extensions. Cons 1) No mechanism for automatically copying configuration from one nameserver to another. Work Required At present, the data model is still rudimentary. Detailed attributes still need to be defined for each entity, in particular for the "DNSSEC Policy" object. As a way forward, the first step should be to concentrate on refining the data model. Stephen _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop