Clearly, different people view the "advantages" and "disadvantages" separately. The wording below tries to make the comparisons neutral while still fully stating what the differences are. Note that I made this wording specific to BIND: when we have other multi-view servers in the examples, I'll write specific wording for them. Is the following (re-)wording correct and complete?
========== BIND handles both DNSSEC validation and caching of changed authoritative information differently depending on the whether the configuration is to use two separate views (one for the authoritative zone, one for recurison) or to use the same view for both servers. Validation: When using separate views, the DS records in the slaved zone will be validated as the zone is refreshed or updated. When using the same view, this validation does not occur for the slaved zone. Caching: When using separate views, the recursive server will cache all of the queries it looks up, just as it would using the traditional root hints method. Thus, as the zone in the other view is refreshed or updated, changed information will not appear in the recursive server until the TTL of the old record times out; currently the TTL for DS and delegation NS records is two days. When using the same view, as the zone is refreshed or updated, all zone data in the recursive server will be updated as soon as it receives its copy of the zone. ========== --Paul Hoffman _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop