On 24.7.2017 15:43, Tony Finch wrote: > Peter van Dijk <peter.van.d...@powerdns.com> wrote: >> >> One could make $GENERATE more efficient without actually implementing >> the BULK RR, by taking your pattern matching logic and implementing it >> inside the name server. > > Andrew Sullivan was right to say that there is an advantage to having BULK > as an RR compared to the $GENERATE master file directive, because an RR > makes it easier to interoperate across multiple providers in a > multi-master DNS setup. > > I guess a BULK that is just a standardized version of $GENERATE (with > multi-master-only online signing when there's an unfeasible number of > generated records) isn't a completely terrible idea, though it's a lot > less complicated than the current draft.
I agree that a BULK version simplified to bare bones (auth side only) might closer to acceptable. Still, it will not solve interoperability problem because we would need a mechanism to transfer signing keys along the BULK RR. > I'd still like to see lots more specific examples of how it could be used > other than for v6 reverse DNS. Yes please, use-cases would be very welcome. Right now it seems like *a lot* of complexity which is in my eyes not justified. Thank you for understanding. -- Petr Špaček @ CZ.NIC _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
