I recently noticed that the bailiwick-related definitions are wrong and muddled.
I have always understood in-bailiwick to mean that a nameserver name is a subdomain of its zone apex. That is, exactly the cases where glue is required by the DNS protocol. The term comes from the discussion of gluelessness at http://cr.yp.to/djbdns/notes.html - "RFC 1034 specifically requires glue for referrals to in-bailiwick DNS servers." RFC 8499 seems to use "in-domain" for this situation, which is not a term I have seen anywhere else. The question of sibling glue is different from whether nameservers are in-bailiwick. It comes up in questions about registry policies rather than DNS protocol needs: whether or not a registry requires all nameservers that are subdomains of the registry domain(s) to have addresses, even in cases where the DNS does not need glue. The description of siblings in RFC 8499 is muddled, because it is unclear when it is referring to a nameserver name or a zone name, and it's unclear when it is talking about a child zone or their shared parent zone. And the nameservers themselves aren't siblings; they are nephieces or niblings or something like that. I suggest: * Sibling zones: two zones whose delegations are in the same parent zone. * Sibling glue: addresses of nameservers that are in a sibling zone. Sibling glue is usually the glue that the DNS would require for that sibling zone, but in some cases the requirement lies elsewhere, for example one.example. NS nsa.two.example one.example. NS nsb.two.example two.example. NS ns0.two.example two.example. NS ns1.two.example The DNS protocol does not require sibling glue for the one.example nameservers, though glue addresses might be required by .example registry policy. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ the fundamental values of liberty, equality, and community _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
