DOn 18/08/12 05:05, Curtis Villamizar wrote:
When a domain registrar is needed is only when the homenet needs or
wants (maybe for ego reasons) a domain residing in a TLD (such as .com
or .org) and would not accept a subdomain from the provider. For
example the homenet user wants foo.com and would not accept something
of the form foo.site.provider.com, which would be less permanet (the
delegation is lost if switching providers).
For security reasons documented in one of the drafts above, it should be
disabled by default. A user-defined configuration could open the DNS
port to the world, and allow additional domains.
I think you missed the point. This is not a security issue.
Yes, I got your point, but I'm adding an implication.
The draft explains that this requires opening up the gateway's DNS port
to the world, rather than only to the trusted DNS infrastructure of the
provider. That has some security issues.
Also, only the provider can give you reverse DNS.
Whereas the provider-delegated domain can be a fully automatic feature,
setting up a personal domain requires the user to do some work.
Registering a domain (could be made simple, from a gateway's web UI),
pointing a nameserver at his gateway (could be automated, DynDNS-style).
It is only logical that a user should also have to disable the secure
default source address restriction of DNS requests.
Nonetheless, it is a perfectly valid use case; the IPv6 functional
equivalent of widely used DynDNS in the IPv4 world today. And, of
course, not every operator may implement the automated domain delegation.
bfn, Wouter
_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet
