please review Bv9ARM-book changes for integrating AusCERT AL-1999.004

Jeremy C. Reed reed at reedmedia.net
Mon May 7 19:44:25 UTC 2007


Thank you for your reply. I am only commenting on one small part of it...

> > A "primary zone" is a zone for which a server has the 
> > DNS master file described in RFC1035 and the server is 
> > one of the name servers that has been delegated the domain.
> 
> "Primary" is now obsolete terminology.  This should be "authoritative".
> Also, whether the name server has been delegated or not is irrelevant.
> The main issue is whether the server itself thinks it has a copy of
> the zone file.  Many servers are authoritative for some zones and
> also provide recursive service, some servers are auth-only and others
> are recursive-only.
> 
> By splitting off the various variants of how people might use
> authoritative servers into separate largely redundant sections,
> the main issues are obscured.
> 
> The example for the authoritative case also misses the point of the
> "bogon" list in the first example.  The bogon list applies equally
> well to all servers on a public network, perhaps with exceptions for
> blackholing private RFC1918 networks if the server is accessible both
> from the Internet and private networks using RFC1918 addresses.
> 
> > 9.2.3 (3) Queries for Names in Official Secondary Zones
> 
> "Secondary" is not only old terminology but the distinction
> primary/secondary is irrelevant, see "authoritative" above.

The "primary" and "secondary" (and "master" and "slave") terminology is 
already used in the Bv9ARM document maintained by ISC and included with 
BIND source. I didn't mean to add new terminology to the book.

Anyone else have thoughts on this?

Maybe someone can provide a diff for the bind9/doc/arm/Bv9ARM-book.xml
to mention that the terminology is obsolete and then use the correct terms 
throughout.


  Jeremy C. Reed

