Evan Hunt wrote on 2019-02-14 15:56:
On Thu, Feb 14, 2019 at 01:57:14PM -0800, Paul Vixie wrote:
indeed nothing which treats the root zone as special is worth
pursuing, since many other things besides the root zone are also
needed for correct operation during network partition events.
This point is well taken, but sometimes the root zone is a useful
test case for innovations that might be more generically useful
later. It's relatively small, relatively static, *XFR accessible,
signed but uses NSEC not NSEC3, etc. It's pleasantly free of
annoyances.
it's distraction value, where countries lacking root server _operators_
of their own, feel diminished thereby, and where technology solutions
that affect the root zone in some way, feel unduly relevant... makes it
an _unuseful_ test case. recall that AAAA and DS came to every other
zone in the DNS before it was grudgingly admitted into the root zone.
we have to stop using the root zone as any kind of test case. it's not
special and should be treated unspecially. any technology which focuses
on it should be suspected immediately of "shiny object syndrome."
So, zone mirroring fell out of 7706, and I suspect it will
eventually have broader applications than just local root cache.
nope. because it did not prototype any partial replication. i'm not
going to mirror COM because i need it to reach FARSIGHTSECURITY.COM. we
needed to focus on partial replication, and avoid any solution that
would only work for small zones that changed infrequently, so as to
avoid wasting years of opportunity on a solution that changed nothing
and led nowhere.
I think some of the early work on aggressive negative caching was
root-specific as well.
no. in fact, the opposite was true. the first ANC was OTWANC (off the
wire ANC), which had to be specified as part of DLV, which was
instigated in the first place principally because noone knew how many
more years we'd have to wait before a DS RR could be placed into the
root zone.
I wouldn't assume an idea is bad just because it's currently focused
on the root, it might not always be.
for reasons stated above, there are _no_ counterexamples showing that a
focus on root-specific technology ever did any good, and a plethora of
examples where focus on root-specific technology did some lasting harm.
therefore, our assumption of any root-specific proposal should be, until
and unless proved otherwise on a case by case basis, that it's "shiny
object syndrome", rather than a legitimate engineering exercise.
--
P Vixie
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
