[166254] in North American Network Operators' Group
Re: comcast ipv6 PTR
daemon@ATHENA.MIT.EDU (Joe Abley)
Tue Oct 15 11:15:38 2013
From: Joe Abley <jabley@hopcount.ca>
In-Reply-To: <8738o2poov.fsf@nemi.mork.no>
Date: Tue, 15 Oct 2013 11:13:10 -0400
To: =?iso-8859-1?Q?Bj=F8rn_Mork?= <bjorn@mork.no>
Cc: John Levine <johnl@iecc.com>, nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 2013-10-15, at 10:57, Bj=F8rn Mork <bjorn@mork.no> wrote:
> Mark Andrews <marka@isc.org> writes:
>=20
>> People keep saying the PTR records don't mean anything yet still
>> demand really strong authentication for updates of PTR records.
>> TCP is more than a strong enough authenticator to support update
>> from self.
>=20
> This sounded like an excellent idea at first, but then I started
> thinking: As a home user, would I really want to give anyone with
> access to my network the right to change my reverse delegation?
I think what you'd be doing is giving anybody you have assigned an IPv6 =
address to the ability to update the PTR (or a delegation, since Mark =
suggested that too) for that particular address.
So, it's not "my reverse delegation", it's "my 2^80 or fewer reverse =
delegations" (if you've been assigned a /48).
Joe
