[159385] in North American Network Operators' Group
Re: [SHAME] Spam Rats
daemon@ATHENA.MIT.EDU (Mark Andrews)
Thu Jan 10 01:22:56 2013
To: "John R. Levine" <johnl@iecc.com>
From: Mark Andrews <marka@isc.org>
In-reply-to: Your message of "10 Jan 2013 01:08:03 CDT."
<alpine.BSF.2.00.1301100106560.55043@joyce.lan>
Date: Thu, 10 Jan 2013 17:22:31 +1100
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
In message <alpine.BSF.2.00.1301100106560.55043@joyce.lan>, "John R. Levine" wr
ites:
> >> One is a stunt rDNS server that synthesizes the records on demand.
> >> (Bonus points for doing DNSSEC, too. Double bonus points for doing
> >> NSEC3.)
> >
> > NSEC3 is a waste of time in ip6.arpa or any similarly structured
> > zone so -1000000 for doing NEC3 and effectively doing a DoS attack
> > against yourself and the client resolvers.
>
> I know, but figuring out on the fly what order the hashes are would
> be quite a coding feat.
subtract labels until you have one which fits the namespace pattern.
that is the closest encloser <ce>. hash that name for the closest
encloser. hash <label>.<ce> add/subtact one for the second half
of the noqname proof. hash *.<ce> add/subtact one for the no
wildcard proof.
> R's,
> John
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
