[87901] in North American Network Operators' Group
Re: AW: Odd policy question.
daemon@ATHENA.MIT.EDU (David W. Hankins)
Fri Jan 13 17:48:36 2006
Date: Fri, 13 Jan 2006 14:48:04 -0800
From: "David W. Hankins" <David_Hankins@isc.org>
To: Randy Bush <randy@psg.com>
Cc: Joe Abley <Joe_Abley@isc.org>,
John van Oppen <john@vanoppen.com>, nanog@merit.edu
In-Reply-To: <17352.9359.585733.140186@roam.psg.com>
Errors-To: owner-nanog@merit.edu
--qOrJKOH36bD5yhNe
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Jan 13, 2006 at 12:07:11PM -1000, Randy Bush wrote:
> and thereby hiding the fact that someone has either lame delegated
> or i have forgotten to remove an auth zone, both cases i want to
> catch. not a win here.
Responding with stale data is, arguably, more damaging than failing
to respond at all.
So much so that the SOA expiry field serves to protect us from this
threat.
So, even though Randy is wrong for wanting to catch misconfigurations
by producing incorrect data, I also don't see where Joe is coming from.
If I hosted my domain with someone whose server was answering recursive
queries, I would probably use a lower value for expiry than I normally
would otherwise.
--=20
David W. Hankins "If you don't do it right the first time,
Software Engineer you'll just have to do it again."
Internet Systems Consortium, Inc. -- Jack T. Hankins
--qOrJKOH36bD5yhNe
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDyC4kcXeLeWu2vmoRApSnAJwNwsAZSB0wHn+KDIT8XXeqBEuF9ACgn08Q
fZv12gn3qx/nDUU1MrH7wNM=
=u6kM
-----END PGP SIGNATURE-----
--qOrJKOH36bD5yhNe--
