> Logic behind this proposal follows:
>
> #1 I can't see any difference between the intended use of:
> - 10.in-addr.arpa.
> - internal.
>
> #2 RFC 6761 section 6.1 already established special rules for
> 10.in-addr.arpa.

The draft has the following:

   The "internal" top-level domain provides this purpose in the DNS.
   Such domains will not resolve in the global DNS, but can be
   configured within closed networks as the network operator sees fit.

I think that is the difference between .internal and 10.in-addr.arpa. I expect 10.in-addr.arpa. to resolve in the global DNS. RFC-1918 addresses do leak and there is no reason to expect every piece of software to have a filter in place to catch reverse DNS lookups for those addresses.

There seems to be an argument that for the convenience of DNSSEC, private domains have to resolve in the global DNS. Maybe we need to actually say that in some RFC. Or solve this issue in a different way.
