On Wed, Feb 29, 2012 at 10:22:55AM +0100, Shane Kerr wrote:
> Paul,
>
> On Tuesday, 2012-02-28 18:40:30 +0000,
> Paul Vixie <paul@redb...> wrote:

> > i'd start over with a new port number first. dns wire encoding is
> > already wildly complicated.

> The main (only?) advantage of doing it with EDNS is that you can work
> with existing name servers. It means adding more logic to our already
> fabulously complicated resolvers to get full benefit, but nobody ever
> said DNS was easy.

It seems to me that, from the point of view of "dns-ng" and
interoperation with dns, there are three possibilities:

    1.  End points use dns-ng.
    2.  End points use dns, but intermediate resolvers do dns-ng.
    3.  Everyone except authority servers do dns, and the authority
    server does dns-ng.

Your suggestion is, in effect, a way of doing (2).  But (3) isn't
interesting (if nobody else uses dns-ng, then the authority servers
aren't talking to anyone); and (1) is the actual goal we want, I
think.  

If dns-ng is a superset of useful dns functionality, but cleans up
certain issues with dns, then the intermediate resolvers in (2) can as
easily use a new port as they can use more complicated dns handling.
So I have to agree with Paul Vixie: if we're going to work on
replacing the protocol, let's replace it for real.  (FWIW, I think
this is a noble goal doomed to failure.  But I've been wrong before.
Probably three times just this morning.)

Best,

A

--
Andrew Sullivan
ajs@anvi...
_______________________________________________
DNSOP mailing list
DNSOP@ietf...
https://www.ietf.org/mailman/listinfo/dnsop