<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
On 30.11.2018 11:59, nusenu wrote:<br>
<blockquote type="cite"
cite="mid:1956ad49-b07a-dac7-f995-336049c23920@riseup.net">
<pre class="moz-quote-pre" wrap="">ѽ҉ᶬḳ℠ via Unbound-users:
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">With hyperlocal (RFC7706) requiring the root zone DNS server ip addresses listed
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">
please don't use the term "hyperlocal" (reasoning: Paul Hoffman - RFC7706bis author -
asked for not using it in the RFC7706 context at the last IETF103 DNSOP see the Q&A section of his
presentation <a class="moz-txt-link-freetext" href="https://www.youtube.com/watch?v=g0Sz7gziUW0&feature=youtu.be&t=5015">https://www.youtube.com/watch?v=g0Sz7gziUW0&feature=youtu.be&t=5015</a> )
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">as master in auth-zone and since this information is already provided (and
automatically updated) in root-hints would it not make sense to utilise it for
RFC7706 in auth-zone, something like?:
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">auth-zone:
name: .
master: path/to/root-hints
</pre>
</blockquote>
</blockquote>
<pre class="moz-quote-pre" wrap="">
not all root servers allow zone transfers so you don't
want to list them all as masters.</pre>
</blockquote>
<br>
To my understanding (<a class="moz-txt-link-freetext" href="http://www.dns.icann.org/services/axfr/">http://www.dns.icann.org/services/axfr/</a>) all
servers do permit zone transfer except l.root-servers.net <br>
<br>
<blockquote type="cite"
cite="mid:1956ad49-b07a-dac7-f995-336049c23920@riseup.net">
<pre class="moz-quote-pre" wrap="">I did send an example unbound config for review to the DNSOP mailing list:
<a class="moz-txt-link-freetext" href="https://mailarchive.ietf.org/arch/msg/dnsop/KLJFVjgALzvjZY0F0aZjFhE60LQ">https://mailarchive.ietf.org/arch/msg/dnsop/KLJFVjgALzvjZY0F0aZjFhE60LQ</a>
</pre>
</blockquote>
<br>
To my understanding the quotes ("") in the syntax are not required.
It works as well without and unbound-checkconf does claim any error
for a syntax without the quotes.<br>
</body>
</html>