[Opendnssec-develop] Trailing dot in enforcer
Matthijs Mekking
matthijs at NLnetLabs.nl
Wed Mar 2 12:17:49 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
On 03/02/2011 12:34 PM, Siôn Lloyd wrote:
> I've committed the code that I think takes care of the trailing dot. There are
> a couple of cases that are not covered.
>
> Firstly a zone "." will be left as-is.
That sounds reasonable.
> Secondly, if the user edits the zonelist and includes a zone with a trailing
> dot then they will need to be consistent.
>
> So, if you call "ods-ksmutil zone add -z test." the zone "test" is added. You
> can then interact with this zone via "-z test" _or_ "-z test." (E.g. issuing
> the ds-seen command.)
Ok
> However, if you add "test." directly to zonelist.xml then you will need to use
> "-z test.". (This is to avoid trashing existing zones which have trailing
> dots.)
Is this because currently you could have two different zones in the
enforcer: "zone" and "zone."? I am not sure if we necessarily have to be
backwards compatible with this.
I would like to see that everywhere you make the comparison:
- - "zone" equals "zone"
- - "zone" equals "zone."
- - "zone." equals "zone"
- - "zone." equals "zone."
In that case, it doesn't matter how you would add them, and the user
doesn't have to be concerned about being consistent.
Best regards,
Matthijs
> The other time when the dot is significant is on zone delete where "-z test."
> will not delete a zone called "test" and vice versa...
>
> Does this seem reasonable?
>
> Sion
> _______________________________________________
> Opendnssec-develop mailing list
> Opendnssec-develop at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-develop
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJNbjVtAAoJEA8yVCPsQCW5638H/3GUNpfASfvvpYLZzLM4Bgi9
gZ12YI/zsB31YQhXS9igpqYwDh321LE3dlQ/kqSf3ANTnXwDP0FJMuf3e48OLLbC
zD2Bfv9fWh1tnxug3UfiXJ7m18F7xtgzB64L9JVirjt8BqOy6GWkfbeQ/7dmsWrb
t97OckOqyvGfZzBBbJc1vCTUWzA4hmNwVUIL/T6/gZ7QVPO917LuRpBhll8St/xM
tJ41hyT/+MtbDNC6BGO5FQVpyn0O4fEBgUErsvgfjCPovzM3aXMQxFaduSxwi8hr
aD2b2doIqkJFMPcr4sPXlz8JzOVGBRhTBqbVy1Q2IV+rKVZ9YIyr527ePs4asjY=
=rcpo
-----END PGP SIGNATURE-----
More information about the Opendnssec-develop
mailing list