Self explanatory? Like an OWASP top ten? Background:
I'm implementing a service to query $some_data via the DNS as a convenience. I've done this before, several times, and usually to break the DNS in some fashion or other, but this time I'm actually trying to faithfully present data. Plus, it's nominally exposed to at least part of the big bad internet, which I've always avoided in the past. So for starters, this service won't be directly exposed. I intend to use the DNS for caching / proxying, in other words the actual DNS server which will be exposed to the internet will be e.g. BIND, Knot, Unbound (and it will forward to the service for that zone). I'm viewing that as similar to a WAF. It's read only, it has no ability to write data. It will serve TXT records. [0] What's BCP? Thanks in advance... -- Fred Morris -- [0] I'm going back and forth on requiring TXT in the query or just returning it regardless. _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
