Hi Rubens,
On 6/22/22 05:29, rubensk=40nic...@dmarc.ietf.org wrote:
On 22 Jun 2022, at 00:07, John Levine <jo...@taugh.com
<mailto:jo...@taugh.com>> wrote:
In practice, I doubt that enough reverse zones are signed or that the
provisoning crudware that people use for reverse zones would work
often enough to be worth trying to do this. I did some surveys of
zones and found that in-bailiwick NS are quite uncommon, only a few
percent of the ones in large gTLDs.
I don't expect the IP space used for DNS servers to be managed thru an IPAM
system of sorts. But if one is used, it's unlikely they provision a zone-cut as
required in the draft.
The draft does not require a zone cut anywhere; it's merely a
(normative-language) recommendation. Quoting from Section 4.1:
Signaling Domains SHOULD be delegated as zones of their own, so that
the Signaling Zone's apex coincides with the Signaling Domain (such
as _signal.ns1.example.net). While it is permissible for the
Signaling Domain to be contained in a Signaling Zone of fewer labels
(such as example.net), a zone cut ensures that bootstrapping
activities do not require modifications of the zone containing the
nameserver hostname.
Thinking about it, perhaps there's no reason for normative language here. If others
agree, please let me know and I'll change to lowercase "should".
Thanks,
Peter
--
https://desec.io/
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
