North American Network Operators Group


Re: Anyone from AT&T here? (AT&T bogus DNSBL answers)

  • From: Joe Abley
  • Date: Mon Apr 19 16:33:11 2004

On 19 Apr 2004, at 16:04, [email protected] wrote:

> DNS is intended for "give me the A record for the hostname FOO".
DNS is currently used for "give me the resource record set of type X for the query key Y".

> LDAP is a more proper tool for "Give me the list of hosts that user
> Q-Froob is allowed to post mail from on Tuesdays after 5PM".
DNS has the advantages that its scaling properties are fairly well-known, it distributes easily across servers and administrative boundaries, records can be cached, and the delegation points can provide some measure of confidence that the server you're obtaining data from has some authority to dispense it (confidence ranging from "a little bit, maybe" to "high" if zones and delegations are signed, and there's a secure entry point to the chain somewhere). There are also few devices in the world that speak IP and don't already include a resolver.

DNS has lots of disadvantages too, and is cumbersome and obtuse for distribution of many types of data.

The general rule that "if it's not for associating addresses with host names, LDAP is better" is flawed though, I think.


Joe
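The thread's subject is a resolver handing back bogus DNSBL answers. As an added example (not part of the post or any AT&T or DNSBL operator's code), here is a defender-side sanity check in Python: it builds the reversed-octet DNSBL query key, treats any A answer outside 127.0.0.0/8 as bogus, and probes the conventional 127.0.0.2 (always listed) and 127.0.0.1 (never listed) test entries before trusting a resolver. The zone name and the two simulated resolvers are constructed so the example runs offline.

```python
import ipaddress
from typing import Callable, Iterable, List

# DNSBLs answer with A records inside 127.0.0.0/8; anything else means the
# resolver (or something on the path) is rewriting answers.
DNSBL_RANGE = ipaddress.IPv4Network("127.0.0.0/8")
TEST_LISTED = "127.0.0.2"    # conventional "always listed" test entry
TEST_UNLISTED = "127.0.0.1"  # conventional "never listed" test entry


def dnsbl_query_name(ip: str, zone: str) -> str:
    """Reverse the octets of an IPv4 address under the DNSBL zone, e.g.
    192.0.2.10 in dnsbl.example -> 10.2.0.192.dnsbl.example."""
    octets = ipaddress.IPv4Address(ip).exploded.split(".")
    return ".".join(reversed(octets)) + "." + zone.strip(".") + "."


def classify_answer(rrset: Iterable[str]) -> str:
    """Map a DNSBL A rrset to 'listed', 'not-listed' or 'bogus'."""
    answers = list(rrset)
    if not answers:
        return "not-listed"
    if all(ipaddress.IPv4Address(a) in DNSBL_RANGE for a in answers):
        return "listed"
    return "bogus"


def resolver_is_trustworthy(lookup: Callable[[str], List[str]], zone: str) -> bool:
    """Probe the test entries: 127.0.0.2 must be listed, 127.0.0.1 must not."""
    listed = classify_answer(lookup(dnsbl_query_name(TEST_LISTED, zone)))
    unlisted = classify_answer(lookup(dnsbl_query_name(TEST_UNLISTED, zone)))
    return listed == "listed" and unlisted == "not-listed"


# Constructed sample resolvers (no network): a well-behaved one, and one that
# turns NXDOMAIN into an A record pointing at some "search" host.
ZONE = "dnsbl.example"  # hypothetical zone name
GOOD_TABLE = {dnsbl_query_name(TEST_LISTED, ZONE): [TEST_LISTED]}


def good_resolver(name: str) -> List[str]:
    return GOOD_TABLE.get(name, [])


def rewriting_resolver(name: str) -> List[str]:
    return GOOD_TABLE.get(name, ["192.0.2.53"])


if __name__ == "__main__":
    print(resolver_is_trustworthy(good_resolver, ZONE))       # True
    print(resolver_is_trustworthy(rewriting_resolver, ZONE))  # False
```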