Ben Schwartz wrote on 2024-03-04 07:20:
To rephrase, it sounds like you are proposing a rule that zones should be configured to use at most one glueless delegation step.
i think it's the inverse. according to fujiwara-san's comments each zone must have at least one in-zone name server name:
<<the domain names that host the name server names MUST be resolvable by delegations using one or more in-domain name server names.>>
this means a zone will always be reachable through at least one in-zone data path (name server name and associated address records.) the result would be that a full resolver would never have to pause its current lookup while searching for address records matching an out-of-zone name server name.
i think it's a solid recommendation, but can only be a SHOULD not a MUST, both because of the installed base / long tail, and the impossibility of enforcing it, and the market needs of parking lots.
-- P Vixie _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
