[159419] in North American Network Operators' Group


PTRs for IPv6 (was Re: [SHAME] Spam Rats)

daemon@ATHENA.MIT.EDU (Lee Howard)
Thu Jan 10 10:23:32 2013

Date: Thu, 10 Jan 2013 10:23:15 -0500
From: Lee Howard <Lee@asgard.org>
To: Mark Andrews <marka@isc.org>, "John R. Levine" <johnl@iecc.com>
In-Reply-To: <20130110062232.208452DF0E57@drugs.dv.isc.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

RE: PTRs for IPv6, see
http://tools.ietf.org/html/draft-howard-isp-ip6rdns-05
I've had many excellent suggestions for updates to it, which I intend to
treat in the next couple of weeks.  I don't cover PTRs for servers,
because I don't see a scalability problem.
However, I don't think I understand the conversation below.  Pointers to
make me smarter?

Thanks,
Lee

On 1/10/13 1:22 AM, "Mark Andrews" <marka@isc.org> wrote:

>
>In message <alpine.BSF.2.00.1301100106560.55043@joyce.lan>, "John R.
>Levine" writes:
>> >> One is a stunt rDNS server that synthesizes the records on demand.
>> >> (Bonus points for doing DNSSEC, too. Double bonus points for doing
>> >> NSEC3.)
>> >
>> > NSEC3 is a waste of time in ip6.arpa or any similarly structured
>> > zone so -1000000 for doing NSEC3 and effectively doing a DoS attack
>> > against yourself and the client resolvers.
>>
>> I know, but figuring out on the fly what order the hashes are would
>> be quite a coding feat.
>
>subtract labels until you have one which fits the namespace pattern.
>that is the closest encloser <ce>. hash that name for the closest
>encloser.  hash <label>.<ce> add/subtract one for the second half
>of the noqname proof.  hash *.<ce> add/subtract one for the no
>wildcard proof.
>
>> R's,
>> John
>-- 
>Mark Andrews, ISC
>1 Seymour St., Dundas Valley, NSW 2117, Australia
>PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
>
>
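
The on-the-fly NSEC3 denial quoted above, worked through as an added example; it is not code from this thread or from any DNS server. The zone apex, salt, iteration count and the 24-nibble depth limit are assumptions for a reverse zone covering 2001:db8::/32, and the function names are hypothetical.

```python
import base64, hashlib

# Assumed, constructed values: apex of the reverse zone for 2001:db8::/32
# and NSEC3 parameters (SHA-1, the only hash algorithm RFC 5155 defines).
ZONE = "8.b.d.0.1.0.0.2.ip6.arpa"
SALT, ITERATIONS = bytes.fromhex("aabbccdd"), 12
B32HEX = str.maketrans("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
                       "0123456789ABCDEFGHIJKLMNOPQRSTUV")

def wire(name):
    """Canonical (lower-case) DNS wire form of a name."""
    labels = name.rstrip(".").lower().split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\0"

def nsec3_hash(name, salt=SALT, iterations=ITERATIONS):
    """RFC 5155 iterated hash: H(name || salt), re-hashed `iterations` times."""
    digest = hashlib.sha1(wire(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return digest

def b32hex(raw):
    return base64.b32encode(raw).decode().translate(B32HEX).lower()

def fits_pattern(name):
    """A name exists if it is the apex plus at most 24 single-nibble labels."""
    if name == ZONE or not name.endswith("." + ZONE):
        return name == ZONE
    nibbles = name[:-len(ZONE) - 1].split(".")
    return len(nibbles) <= 24 and all(
        len(n) == 1 and n in "0123456789abcdef" for n in nibbles)

def cover(name):
    """Owner/next hashes of a synthesized NSEC3 spanning only H(name)."""
    h = int.from_bytes(nsec3_hash(name), "big")
    return tuple(b32hex((v % 2**160).to_bytes(20, "big")) for v in (h - 1, h + 1))

def nxdomain_proof(qname):
    labels = qname.rstrip(".").lower().split(".")
    if fits_pattern(".".join(labels)):
        raise ValueError("name exists, no denial needed")
    for i in range(1, len(labels)):          # drop labels until the pattern fits
        ce = ".".join(labels[i:])
        if fits_pattern(ce):
            return {"closest_encloser": (ce, b32hex(nsec3_hash(ce))),
                    "next_closer": cover(".".join(labels[i - 1:])),
                    "no_wildcard": cover("*." + ce)}
    raise ValueError("name is outside the zone")
```

Each denial costs three iterated hash computations on the server, and a validating resolver repeats them to check the answer.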



