On 4/15/15, 7:42, "George Michaelson" <g...@apnic.net> wrote:
>So on that basis: the FTP rule passes: we have open FTP, why would we >block AXFR? It's your call, it's local policy. I've worked in environments where the name servers answering queries did not implement the AXFR mechanism. "Generally unwise" can mean that knowledgeable operators will have a reason to allow it. (By the same token, why would one use NSEC3 for signed zones when the zone is available over FTP?)
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
