[RSSAC Caucus] Curious difference in glue TTL for root servers
Mukund Sivaraman
muks at mukund.org
Thu Jun 18 23:25:52 UTC 2020
On Thu, Jun 18, 2020 at 10:34:40PM +0000, Wessels, Duane wrote:
> My guess is that some implementations take the glue from the root zone
> and some take it from the root-servers.net zone (which has the 3600000
> TTL).
You are probably right. If this is the case, then there is the question
of which is more correct for use as glue. Though the root servers also
serve the root-servers.net zone and are authoritative for them, when
glue exists as glue within the root zone, should the root namesevers not
use the glue in preference?
Ignoring the case of . and root-servers.net, assume a secondary
authoritative NS is configured for a parent zone and child zone a couple
of levels within the parent domain, which are transferred in from
different primary NSs (under control of different entities). The
authoritiative NS does not know if the parent and/or slave are delegated
to it (as a resolver would) - it just serves zone data. If one is to
assume that the parent zone is delegated to the NS, and the child zone
is delegated to some other nameserver (whereas a similarly named zone
exists on this NS), it seems more correct that glue that exists as glue
within the parent zone be used, and not address records from the child
zone (even though the NS thinks it is configured as an authority for the
child).
Mukund
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/rssac-caucus/attachments/20200619/a3bfd2fc/signature.asc>
More information about the rssac-caucus
mailing list