On Mon, Jan 04, 2021 at 10:44:43PM -0500, Viktor Dukhovni wrote: > On Tue, Jan 05, 2021 at 02:39:27AM +0000, Paul Hoffman wrote: > > > ... > > These are certainly *interesting* choices, but the result is a valid > denial of existence, which for some reason chooses to optimise to defend > against zone walking (of a zone whose content is entirely predictable, > and likely a matter of public record, ...), rather than improved > negative caching. ...
in case this configuration is inconvenient for anybody, i've put a dump of records matching *.house.gov seen within the last seven (7) days online here: http://family.redbarn.org/~vixie/house.gov.txt i did not deduplicate, because the tick rate of the SOA serial is interesting. (moral of story: zone transfer is not the risk surface anybody thought it was.) -- Paul Vixie _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
