[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: noid and applications (generic requirements from applications)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On fredag, nov 14, 2003, at 03:49 Europe/Stockholm, Brian E Carpenter 
wrote:

>> On 13-nov-03, at 16:26, Brian E Carpenter wrote:
>>
>>> Doesn't this objection also apply to passing an FQDN around,
>>> since FQDNs can also be unreachable, due to 2-faced DNS
>>> and the like?
>>
>> What would be the logic of making something unreachable using twofaced
>> DNS? I thought the point was to make sure that different people 
>> connect
>> to different hosts when they try to connect to an FQDN. The situation
>> where one side of the DNS produces something useful while the other
>> doesn't is either unintended, which is the risk you run by abusing
>> technology in this way, or is intended in which case there isn't a
>> problem.
>
> I don't mean there would be any logic. My point is that just as
> you can make a mess by referring unrouteable addresses, you can make
> a mess by referring inaccessible FQDNs.
>
> If server.example.com sends a referral for internal-only.example.com
> to client.example.org, it is no different from sending a referral to
> FEC0::27. Neither referral makes sense, but both might happen if
> server.example.com doesn't know any better.

Although I agree with Brian, this is a real case problem. Very much the 
same that was discussed with site-locals (but let's not go there right 
now). However, I am not sure this is an issues that we need to solve. 
As Iljitsch says, if people have a broken set-up, things will break. 
But I think this should be documented.

- - kurtis -

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBP7kwvaarNKXTPFCVEQKttACgnxNFDmAxmTCKepTe+SlWjd+pHf4AoKF2
sIXJP+an1iLlqCJn+tSMhHdA
=x00I
-----END PGP SIGNATURE-----