On Sep 28, 2011, at 5:47 AM, Joe Abley wrote: > > On 2011-09-27, at 14:21, Edward Lewis wrote: > >>> We respond honestly to queries for HOSTNAME.BIND, VERSION.BIND, ID.SERVER, >>> VERSION.SERVER as well as RFC5001/NSID on L-Root, for example. >> >> It's not a matter of honesty. > > No inference intended; what I meant was we let the software report its actual > version number, and the actual hostname of the server rather than overriding > them (as I've seen some people do).
Just a sampling of some of the version strings we've seen in scanning DNS resolvers and authorities: "The name is BIND, James BIND" "Enterprise I don't think so captain" "13:54 <@zarkdav> well, one could write a zone file so that it returns a joke" "666 the number of the beast...!" "A kinky version of course" "ALL YOUR BASE ARE BELONG TO US" "All we are is dust in the wind" "Are you still shivering? Are you still cold? Are you loathsome tonight? Does your madness shine bright?" "Ash nazg durbatuluk, ash nazg gimbatul, ash nazg thrakatuluk agh burzum-ishi krimpatul." "Aye, Carumba! He's looking at me version string!" (We have even received abuse complaints for querying for version strings!) _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
