--On Wednesday, March 19, 2003 23:45:05 -0500 David Blacka <davidb@verisignlabs.com> wrote:

> I've changed my mind. I now think that servers SHOULD attempt to send
> the KEY RRs in the additional section. That is, I think that we should
> strengthen the rule rather than eliminate it. My reasoning is that:
>
> * the code complexity of doing this is pretty minor,
> * optimizing for fewer round trips makes sense: bandwidth will increase
>   over time, but we cannot exceed the speed of light,
> * since the client (via EDNS0) controls the max size of the response
>   and the key RRs can be silently truncated, the extra size of the message
>   should do no harm.

This was also the conclusion arrived at during small talk during the pre-IETF DNSSEC workshop. I am a strong supporter of the policy of including KEY records as early/often as possible. Minimising number of RTT iterations is a major speed hack, in my humble opinion.

--
Måns Nilsson Systems Specialist
+46 70 681 7204 KTHNOC MN1334-RIPE

We're sysadmins. To us, data is a protocol-overhead.
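The size rule discussed in this thread, as an added example that is not part of either message or of any server's code: KEY RRs go into the additional section only when the whole RRset fits under the client's EDNS0 payload size, and leaving them out never sets TC. The function names, the advertised size of 4096, the absence of name compression and the sample records are assumptions made for the illustration.

```python
import struct

A, KEY, OPT = 1, 25, 41          # RR type codes; KEY is the RFC 2535 key type
QR_AA, TC = 0x8400, 0x0200       # header flag bits

def name(n):
    """Encode a domain name in uncompressed wire format."""
    labels = [l for l in n.split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\0"

def rr(owner, rtype, rclass, ttl, rdata):
    """Encode one resource record (hypothetical helper)."""
    return name(owner) + struct.pack("!HHIH", rtype, rclass, ttl, len(rdata)) + rdata

def build_response(qid, qname, qtype, answers, key_rrset, edns_size=None):
    """Return (wire, keys_sent, tc). edns_size is the client's EDNS0 UDP
    payload size, or None if the query carried no OPT RR (512-byte limit)."""
    limit = edns_size if edns_size else 512
    question = name(qname) + struct.pack("!HH", qtype, 1)
    # Echo an OPT RR only to EDNS0 clients; its CLASS field carries our size.
    opt = [rr(".", OPT, 4096, 0, b"")] if edns_size else []
    required = 12 + len(question) + sum(map(len, answers + opt))
    if required > limit:
        # A required RRset does not fit: the only case that sets TC.
        # Simplification: the truncated reply carries just header and question.
        hdr = struct.pack("!6H", qid, QR_AA | TC, 1, 0, 0, 0)
        return hdr + question, False, True
    # KEY RRs are optional extras: send the whole RRset or nothing, never TC.
    keys_sent = required + sum(map(len, key_rrset)) <= limit
    extra = (key_rrset if keys_sent else []) + opt
    hdr = struct.pack("!6H", qid, QR_AA, 1, len(answers), 0, len(extra))
    return hdr + question + b"".join(answers + extra), keys_sent, False

# Constructed sample data: one A record and two KEY RRs with 256-byte key material.
ANSWERS = [rr("www.example.com", A, 1, 3600, bytes([192, 0, 2, 1]))]
KEYS = [rr("example.com", KEY, 1, 3600, bytes([1, 0, 3, 5]) + bytes(256))
        for _ in range(2)]

if __name__ == "__main__":
    for size in (None, 512, 4096):
        wire, sent, tc = build_response(1, "www.example.com", A, ANSWERS, KEYS, size)
        print(f"edns={size} bytes={len(wire)} keys_sent={sent} tc={tc}")
```

A client that gets the reply without the KEY RRs has to ask for them in a separate query, which is the extra round trip the thread wants to avoid.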