[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: nsec++

To: IETF DNSEXT WG <namedroppers@ops.ietf.org>
Subject: Re: nsec++
From: Miek Gieben <miekg@atoom.net>
Date: Thu, 4 Dec 2003 18:33:09 +0100
In-reply-to: <20031204163945.B52C513991@sa.vix.com>
Mail-followup-to: IETF DNSEXT WG <namedroppers@ops.ietf.org>
References: <20031204143138.GA26856@atoom.net> <20031204163945.B52C513991@sa.vix.com>
User-agent: Vim/Mutt/Linux

[On 04 Dec, @17:39, Paul wrote in "Re: nsec++ ..."]
> > ...
> > I think we don't want to make the NSEC more difficult than it already is
> > (compared to the NXT definition). 
> > 
> > So I would vote to keep the current NSEC definition as it as and get
> > used to the fact is takes up a few more bytes,
> 
> it's all just fun and games until microsoft decides to sign zones containing
> their private-allocation types (in the 65000 range.)

so with this definition of the NSEC record we will not see an 7 to 10 times
increase in zone sizes with DNSSEC? 

grtz Miek

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

References:
- Re: nsec++
  - From: Miek Gieben <miekg@atoom.net>
- Re: nsec++
  - From: Paul Vixie <paul@vix.com>

Prev by Date: Re: nsec++
Next by Date: I-D ACTION:draft-ietf-dnsext-nsec-rdata-01.txt
Previous by thread: Re: nsec++
Next by thread: RE: nsec++
Index(es):
- Date
- Thread