[ Quoting <nwea...@icsi.berkeley.edu> in "Re: [DNSOP] NOTE RR type for confid..." ]
> On May 27, 2014, at 1:32 PM, Miek Gieben <m...@miek.nl> wrote:
>> [ Quoting <e...@isc.org> in "[DNSOP] NOTE RR type for confidenti..." ]
>>> http://www.ietf.org/internet-drafts/draft-hunt-note-rr-00.txt
>> Interesting idea!
>> What happens if a server gets these records and doesn't know about NOTE
>> and treats them as unknown records?
> That's why the EDNS0 signaling is particularly clever in this proposal: A
> server would have to know about the NOTE record to receive them in a zone
> transfer, so as long as the source knows what it's doing, the recipient will
> only receive the NOTE records if they know what they are.

Ack, and I agree with your suggestion about not allocating an edns0 bit for this.
But still, my gut feeling says that NOTE records can leak; for all intents and
purposes you *are* putting comments in DNS data. I wouldn't put my database
password in a NOTE RR :/
/Miek
--
Miek Gieben
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop