[ppml] Policy Proposal: Authentication of Legacy Resources
Edward Lewis
Ed.Lewis at neustar.biz
Wed Jul 11 10:20:29 EDT 2007
At 22:39 -0700 7/10/07, Scott Leibrand wrote:
>A follow-up question for the morning: Is there anything you use DNS for (or
>that you know other people use it for) that would significantly affect
>non-legacy parties (without also affecting the legacy netblock's users) if
>PTR lookups from legacy space were to fail?
The IETF has been asking this question too. The URL below is to the
latest attempt to document something, an effort that dates back
already 7 years. (The US space program progressed from its first
manned sub-orbital launch to a manned moon landing and return in
shorter time!) I mention this because "question for morning" - hope
you have a long morning. ;)
http://ietf.org/internet-drafts/draft-ietf-dnsop-reverse-mapping-considerations-04.txt
In the document I'll call attention to two (out of context probably) snippets:
# 4.2 Delegation considerations
#
# ...
# It is desirable that Regional Registries and any Local Registries to
# whom they delegate encourage, or continue to encourage, reverse
# mappings.
and
# 4.3 Application considerations
#
# Applications should not rely on reverse mapping for proper operation,
# although functions that depend on reverse mapping will obviously not
# work in its absence. Operators and users are reminded that the use
# of the reverse tree, sometimes in conjunction with a lookup of the
# name resulting from the PTR record, provides no real security, can
# lead to erroneous results and generally just increases load on DNS
# servers. Further, in cases where address block holders fail to
# properly configure reverse mapping, users of those blocks are
# penalized.
This document is a work in (slow) progress (no offense intended to
the editors, it's a group problem) but it reflects an approximation
of the consensus opinion held today.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-571-434-5468
NeuStar
Think glocally. Act confused.
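
The reverse-then-forward check that the quoted section 4.3 refers to, as an added example that is not part of the original message or of the draft. The zone data (documentation prefixes, example.org names) is constructed, and the function names are hypothetical; lookups are served from in-memory tables so it runs offline.

```python
import ipaddress

# Constructed zone data: documentation prefixes and example domains only.
PTR_ZONE = {
    "10.2.0.192.in-addr.arpa": "mail.example.org.",    # agrees with the forward zone
    "7.100.51.198.in-addr.arpa": "mail.example.org.",  # another block's holder publishes the same name
    # 192.0.2.99 has no entry: its reverse mapping was never configured
}
A_ZONE = {
    "mail.example.org.": {"192.0.2.10"},
}


def ptr_lookup(ip):
    """Return the PTR target for ip from the constructed reverse zone, or None."""
    return PTR_ZONE.get(ipaddress.ip_address(ip).reverse_pointer)


def classify(ip):
    """Reverse lookup, then forward lookup of the name the PTR returned."""
    name = ptr_lookup(ip)
    if name is None:
        return "no-ptr"
    if ip in A_ZONE.get(name, set()):
        return "consistent"
    return "mismatch"


def allow_by_ptr_only(ip, suffix):
    """Name-based check that trusts whatever the reverse zone says."""
    name = ptr_lookup(ip)
    return name is not None and name.endswith(suffix)


def allow_by_double_lookup(ip, suffix):
    """Name-based check that also requires the forward zone to agree."""
    return classify(ip) == "consistent" and ptr_lookup(ip).endswith(suffix)


if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.7", "192.0.2.99"):
        print(ip, classify(ip),
              allow_by_ptr_only(ip, ".example.org."),
              allow_by_double_lookup(ip, ".example.org."))
```

A "consistent" result shows only that the reverse and forward zones agree with each other, and the host with no PTR is refused by both checks even though nothing about it is wrong.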