pe> Resolver coders are vastly more likely to have knowledge of what pe> might break, what is unsafe, etc. And if they miss a check, the odds pe> of said resolver coders finding this out quickly, and fixing it and pe> getting it deployed, are much better than expecting apps or pe> middleware box developers to do so.
Just to be clear, I don't think this is the best architecture in a perfect world. I'd love to see all apps using a solid DNS library, like getdnsapi, doing their own validation, etc. and knowing what is/isn't valid data. I just don't see that as a reasonable expectation any time soon... _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
