On Tue, 24 Jul 2018, Tim Wicinski wrote:
We discussed this and there appears to be support to adopt this, with
the caveat of fleshing out some of the discussions which came up.
This starts a Call for Adoption for draft-kh-dnsop-7706bis
The draft is available here:
https://datatracker.ietf.org/doc/draft-kh-dnsop-7706bis/
While I agree with the goal of the draft, to keep root server queries on
the local host, I don't like how it is suggesting to run a DNS server on
localhost:53, because that is going to cause problems with running
validating resolvers on the stub. There is already enough racy
conditions on systems with virtual machines and running dhcp/dns servers
for those that are racing to own 127.0.0.1:53
But again, having a well integrated method for slaving the root zone on
a local validating stub resolver is something that everyone should do
(along with query minimalization)
Paul
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
