FQDNs in masters-list (was: Help: Secondary for...)
Kevin Darcy
kcd at daimlerchrysler.com
Mon Mar 12 18:14:27 UTC 2001
Brad Knowles wrote:
> At 4:04 PM -0500 3/9/01, Kevin Darcy wrote:
>
> > 5. Therefore, it can confidently auto-configure itself as a slave
> >for the zone.
>
> This is out of scope of the DNS protocol. You're getting into
> named.boot or named.conf file changes that have to be made, and that
> is an implementation detail that is out of scope.
Um, yeah, so what? This is the *BIND* list, not namedroppers. It's appropriate to
discuss implementation details here. I'd like to see signed-NOTIFY-based slave
auto-configuration someday added to BIND, and I'm eliciting comments on whether
folks would find this a valuable feature or not. I assume your answer is "no" (?)
> I'm going to have to think about some of the other possible implications.
>
> > Again, the ability to sign the NOTIFY adds a level of trust, so that you
> > know this is the *real* master residing on a new address, rather than Joe
> > Random User trying to trick you into accepting their copy of the zone.
>
> One thing that strikes me is that you have eliminated all forms
> of trust, other than the key. This means that the secondary MUST NOT
> accept unsigned zone transfers, or unsigned content within a zone
> transfer, because it can't trust that the machine with IP address
> 123.45.67.89 and key XYZ five minutes ago still has that same IP
> address.
Well, I don't know about "unsigned content within a zone transfer". If the zone
transfer itself is signed, is that not sufficient?
- Kevin
More information about the bind-users
mailing list