[62920] in North American Network Operators' Group
Re: Verisign Responds
daemon@ATHENA.MIT.EDU (Jack Bates)
Wed Sep 24 09:52:19 2003
Date: Wed, 24 Sep 2003 08:51:43 -0500
From: Jack Bates <jbates@brightok.net>
To: Paul Vixie <vixie@vix.com>
Cc: nanog@merit.edu
In-Reply-To: <g33cengjwd.fsf@sa.vix.com>
Errors-To: owner-nanog-outgoing@merit.edu
Paul Vixie wrote:
>>It's still to be seen if ISC's cure is worse than the disease; as
>>instead of detecting and stoping wildcard sets, it looks for delegation.
>
>
> that's because wildcard ("synthesized") responses do not look different
> on the wire, and looking for a specific A RR that can be changed every day
> or even loadbalanced through four /16's that may have real hosts in them
> seems like the wrong way forward.
See the NANOG archives for my post reguarding wildcard caching and set
comparison with additional resolver functionality for requesting if the
resolver wishes to receive wildcards or NXDOMAIN.
-Jack
