DRAFT - DNS Admin Guide

Ken Smith kensmith at cse.Buffalo.EDU
Wed Jun 25 17:29:25 PDT 2003


Since I seem to be in "Fully explain" mode...

On Wed, Jun 25, 2003 at 09:54:07AM +0900, Jun Kuriyama wrote:

> I like Kris's suggestion, but I don't think we need a bottle neck such
> as coordinator as above.

I'm not against that in principal, just the cost/benefit ratio.

> The idea in my mind is to create "name vs email" table to identify
> who is authoritative of this DNS name.  Like:
> 
> ftp-master.FreeBSD.org		peter at FreeBSD.org
> 				kuriyama at FreeBSD.org
> cvsup-master.FreeBSD.org	kuriyama at FreeBSD.org
> ftp.FreeBSD.org			foo at example.net
> 				bar at example.com
> ftp2.FreeBSD.org		blah at example.org
> 
> and, create a collection of PGP public keys of above contactee.
> 
> If we can prepare this table, dnsadm@ can easily identify the signed
> request is authorized or not.

I had thought about Kris's message too.  The problem I saw with it
came up when I tried to think about what valid DNS related requests
would originate at a site *after* it has been recognized and added
to the above table.  You probably know of others that I'm not aware
of but the only three I could think of were:

	1) "I needed to change my site's hostname/IP address, please
	   update your info for that."

	2) "I don't want to be a FreeBSD site any more."

	3) Please change our site contact info from "fred at foo.bar"
	   to "barney at foo.bar" because Fred quit and we hired Barney
	   to replace him.

That was all I could think of.  Anything else would be originating from
someone else.  Again - I'm probably wrong about this out of ignorance but
I need help with learning what other sorts of requests come from the sites
themselves.

My guess was that there are very few of (1).  If (2) came along the
help of the Mirror Site Coordinator would be desirable in deciding
what to do about the problem.  (3), at the dnsadm@ level, is only
needed because we need to build and maintain this big table.  My guess
was the number of (3)'s would exceed the number of (1)'s, *and* the
Mirror Site Coordinator should be aware of (3)'s as well.

-- 
						Ken Smith
- From there to here, from here to      |       kensmith at cse.buffalo.edu
  there, funny things are everywhere.   |
                      - Theodore Geisel |


More information about the freebsd-hubs mailing list