RE: PTRs for IPv6, see http://tools.ietf.org/html/draft-howard-isp-ip6rdns-05 I've had many excellent suggestions for updates to it, which I intend to treat in the next couple of weeks. I don¹t cover PTRs for servers, because I don't see a scalability problem. However, I don't think I understand the conversation below. Pointers to make me smarter?
Thanks, Lee On 1/10/13 1:22 AM, "Mark Andrews" <ma...@isc.org> wrote: > >In message <alpine.bsf.2.00.1301100106560.55...@joyce.lan>, "John R. >Levine" wr >ites: >> >> One is a stunt rDNS server that synthesizes the records on demand. >> >> (Bonus points for doing DNSSEC, too. Double bonus points for doing >> >> NSEC3.) >> > >> > NSEC3 is a waste of time in ip6.arpa or any similarly structured >> > zone so -1000000 for doing NEC3 and effectively doing a DoS attack >> > against yourself and the client resolvers. >> >> I know, but figuring out on the fly what order the hashes are would >> be quite a coding feat. > >subtract labels until you have one which fits the namespace pattern. >that is the closest encloser <ce>. hash that name for the closest >encloser. hash <label>.<ce> add/subtact one for the second half >of the noqname proof. hash *.<ce> add/subtact one for the no >wildcard proof. > >> R's, >> John >-- >Mark Andrews, ISC >1 Seymour St., Dundas Valley, NSW 2117, Australia >PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org > >