[getdns-api] comments on v0.245

Dick Hardt dick.hardt
Tue Jan 22 06:14:14 CET 2013


On Jan 21, 2013, at 5:16 PM, Phil Pennock <getdns-api-phil at spodhuis.org> wrote:
> I'm assuming that most users of the API will not already be DNS experts,
> but are trying to do The Right Thing and it should be easy to support
> this.  I wonder if in addition to "dnssec_return_only_secure" the
> easy/suggested approach for most apps should be "dnssec_strip_bad" ?
> If there is a root zone trust anchor, then this would strip bogus and
> indeterminate; if there is not a root zone trust anchor, then it just
> strips bogus.
> 
> This would let developers do "the right thing for most apps" without
> having to put in their own skipping of entries and getting it wrong as
> they add a trust anchor.

+1

As an identity guy, but just average developer knowledge of how DNS works, 
I'm hoping the API will make it easy to do cool, new things.

FWIW: 80% of the terms tossed around here seem foreign to me and I have no idea why I would ever care.

-- Dick






More information about the spec mailing list