[166601] in North American Network Operators' Group
Re: Reverse DNS RFCs and Recommendations
daemon@ATHENA.MIT.EDU (William Herrin)
Fri Nov 1 12:41:13 2013
In-Reply-To: <5273525C.5060908@necom830.hpcl.titech.ac.jp>
From: William Herrin <bill@herrin.us>
Date: Fri, 1 Nov 2013 12:40:42 -0400
To: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, Nov 1, 2013 at 3:03 AM, Masataka Ohta
<mohta@necom830.hpcl.titech.ac.jp> wrote:
> Mark Andrews wrote:
>> That said it is possible to completely automate the secure assignment
>> of PTR records. It is also possible to completely automate the
>> secure delegation of the reverse name space. See
>> http://tools.ietf.org/html/draft-andrews-dnsop-pd-reverse-00
>
> It is a lot simpler and a lot more practical just to
> use shared secret between a CPE and a ISP's name server
> for TSIG generation.
Howdy,
I hope you don't mean to suggest that a user should be able to use his
normal ISP username and password to set those DNS records which the
ISP has determined that he's allowed to set. That's just crazy talk!
Regards,
Bill Herrin
--
William D. Herrin ................ herrin@dirtside.com bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
