2009/8/3 Florian Weimer <f...@deneb.enyo.de>: > * JINMEI Tatuya / 神明達哉: > >> What does a recursive server that implements the DNS redirect service >> do in this case? > > Empty responses are typically rewritten. "NXDOMAIN redirect" is a > misnomer. > >> then I guess authoritative server implementors who don't like >> NXDOMAIN redirect could introduce a "auto-site-finder" option, >> defaulting to yes, which automatically adds a wildcard name (of some >> meaningless RR type) at the apex of each authoritative zone:-) > > I don't think this trick will work.
with the unspoken reason of: "Because the redirctor has full control over the dns reponse path and can 'at will' replace any response with one of it's choosing." For instance replacing all instances of: "isc.org" with "dns-assist.com" because of either mal-intent or misconfiguration on the part of the redirector service owner. -Chris _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
