[prev in list] [next in list] [prev in thread] [next in thread]
List: dns-operations
Subject: Re: [dns-operations] Update Mechanisms (was Re: EDNS and TLDs)
From: Matthew Pounsett <matt () conundrum ! com>
Date: 2016-11-17 4:08:30
Message-ID: CAAiTEH8Q70Ymi_y4r+r3oLwGFF4--VWja+7TZ8XYqKkuwKzs9w () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
On 17 November 2016 at 12:56, P Vixie <paul@redbarn.org> wrote:
>
>
> On November 17, 2016 11:17:19 AM GMT+08:00, Matthew Pounsett <
> matt@conundrum.com> wrote:
> >On 17 November 2016 at 12:06, Jim Reid <jim@rfc1035.com> wrote:
> ...
> >Alternatively, 2136 could have defined an RCODE response that indicates
> >"never send updates here." The meaning assigned to REFUSED can (and
> >is)
> >interpreted as a refusal to accept that individual update, and so it's
> >perfectly reasonable to assume the next update might be accepted.
>
> That would have been a DOS vector, so, no.
>
> And fair enough. In the absence of DNSSEC that would definitely have been
a consideration.
[Attachment #5 (text/html)]
<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On 17 \
November 2016 at 12:56, P Vixie <span dir="ltr"><<a href="mailto:paul@redbarn.org" \
target="_blank">paul@redbarn.org</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><span class=""><br> <br>
On November 17, 2016 11:17:19 AM GMT+08:00, Matthew Pounsett <<a \
href="mailto:matt@conundrum.com">matt@conundrum.com</a>> wrote:<br> >On 17 \
November 2016 at 12:06, Jim Reid <<a \
href="mailto:jim@rfc1035.com">jim@rfc1035.com</a>> wrote:<br> </span>...<br>
<span class="">>Alternatively, 2136 could have defined an RCODE response that \
indicates<br> >"never send updates here." The meaning assigned to \
REFUSED can (and<br> >is)<br>
>interpreted as a refusal to accept that individual update, and so it's<br>
>perfectly reasonable to assume the next update might be accepted.<br>
<br>
</span>That would have been a DOS vector, so, no.<br><br></blockquote><div>And fair \
enough. In the absence of DNSSEC that would definitely have been a consideration. \
</div></div><br></div></div>
_______________________________________________
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-operations mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic