[87899] in North American Network Operators' Group
Re: AW: Odd policy question.
daemon@ATHENA.MIT.EDU (David W. Hankins)
Fri Jan 13 17:34:40 2006
Date: Fri, 13 Jan 2006 14:33:12 -0800
From: "David W. Hankins" <David_Hankins@isc.org>
To: Randy Bush <randy@psg.com>
Cc: John van Oppen <john@vanoppen.com>, nanog@merit.edu
In-Reply-To: <17352.9519.997390.569842@roam.psg.com>
Errors-To: owner-nanog@merit.edu
--7DO5AaGCk89r4vaK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Jan 13, 2006 at 12:09:51PM -1000, Randy Bush wrote:
> > Well, RFC2010 section 2.12 hints at cache pollution attacks, and that's
> > been discussed already. Note that I can't seem to find the same claim
> > in RFC2870, which obsoletes 2010 (and the direction against recursive
> > service is still there).
>=20
> despite others saying that 2870 should apply to servers other
> than root servers, i do not support that. and that leaves
> aside that some root servers do not follow it very well.
I have to agree, with the exclusion that some people, having specific
requirements that are somewhat similar to root service requirements,
find 2870 and 2010 advice useful.
My intent here was to point out that all documented reasoning for this
practice is unfulfilling.
I'm curious if the rest of my response was lost on you due to its
verbosity?
--=20
David W. Hankins "If you don't do it right the first time,
Software Engineer you'll just have to do it again."
Internet Systems Consortium, Inc. -- Jack T. Hankins
--7DO5AaGCk89r4vaK
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDyCqncXeLeWu2vmoRAiU6AJ9f/dPDS13qey9x7CVH4KgU91ErXACeL8Yt
1n5bFEp7PMqBxhXh2e3U8ys=
=4naF
-----END PGP SIGNATURE-----
--7DO5AaGCk89r4vaK--
