I understood Fujiwara’s proposal to be slightly different: If you are a DNS provider (hosting other zones) then the provider should use in-domain name servers.
DW > On Mar 4, 2024, at 3:14 PM, Paul Wouters <p...@nohats.ca> wrote: > > On Mar 4, 2024, at 14:04, Paul Vixie <paul=40redbarn....@dmarc.ietf.org> > wrote: >> >> >> >> this means a zone will always be reachable through at least one in-zone data >> path (name server name and associated address records.) the result would be >> that a full resolver would never have to pause its current lookup while >> searching for address records matching an out-of-zone name server name. >> >> i think it's a solid recommendation, > > It means every registrant, who doesn’t know about DNS, has to create host > objects for glue and whenever the ISP changes nameserver names (eg gets > bought, sold or merges), or IP address, the ISP has to talk to the registrant > to fix things at their registry. I can promise you those in-domain name > servers will quickly become very unreliable. > > Paul > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://secure-web.cisco.com/1a3MNvrMgvJke3ozLjb1HCuRHhuKPU4kcf25J9eCUq4p-aOa0Aqy6qmiTdxMr02KJy3Ai80ZFNKl9j_c-7cA3MZpUD5480mMQT5pKWiSiUhWWeiTjjFCC6bZdqrh-FHCqvl1sM64AGrDIt4zjPKgcxERVilTSw7U3KPYhiGQ1IMY8wwa-dVkcU7s4T0z9flJabKEE7sH-IvWVC-Sv4i0fKZUk1g-ek5vkhx5JIA8TeMvtjP17WZaKrO79M9HpU6TNwB0ypkRbRMX8btrJZ9nSBar6W3gL2W4TKNRPrzyBFB8/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fdnsop
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
