FQDNs in masters-list (was: Help: Secondary for...)

Kevin Darcy kcd at daimlerchrysler.com
Mon Mar 12 18:14:27 UTC 2001

Brad Knowles wrote:

> At 4:04 PM -0500 3/9/01, Kevin Darcy wrote:
> >  5. Therefore, it can confidently auto-configure itself as a slave
> >for the zone.
>         This is out of scope of the DNS protocol.  You're getting into
> named.boot or named.conf file changes that have to be made, and that
> is an implementation detail that is out of scope.

Um, yeah, so what? This is the *BIND* list, not namedroppers. It's appropriate to
discuss implementation details here. I'd like to see signed-NOTIFY-based slave
auto-configuration someday added to BIND, and I'm eliciting comments on whether
folks would find this a valuable feature or not. I assume your answer is "no" (?)

>         I'm going to have to think about some of the other possible implications.
> >  Again, the ability to sign the NOTIFY adds a level of trust, so that you
> >  know this is the *real* master residing on a new address, rather than Joe
> >  Random User trying to trick you into accepting their copy of the zone.
>         One thing that strikes me is that you have eliminated all forms
> of trust, other than the key.  This means that the secondary MUST NOT
> accept unsigned zone transfers, or unsigned content within a zone
> transfer, because it can't trust that the machine with IP address
> and key XYZ five minutes ago still has that same IP
> address.

Well, I don't know about "unsigned content within a zone transfer". If the zone
transfer itself is signed, is that not sufficient?

- Kevin

More information about the bind-users mailing list