On Nov 6, 2014, at 9:33 AM, John Levine <jo...@taugh.com> wrote:
> 
>> stupid thing I've been wondering:  Is there a reason not to use wildcard
>> PTRs?
>> 
>>       $ORIGIN 6.7.6.2.7.6.7.0.1.0.0.2.ip6.arpa.
>>       *       604800  IN      PTR     home-ipv6-customer.isp.net.
> 
> This turns out to be a Well Known Bad Idea (WKBI).
> 
> Most PTR checks look up the name to be sure there's a matching forward
> (AAAA in this case) record, and ignore them if there isn't.  

I think Evan was proposing that home-ipv6-customer.isp.net would also exist, so 
a PTR check that looked for *existence* would succeed, but one that looked for 
*matching* would fail for most of those addresses.

Do we know whether typical PTR checks look for existence or matching?

--Paul Hoffman
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
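
The two kinds of PTR check asked about above, as an added example that is not part of the original message: an existence check and a matching (forward-confirmed) check, run against a simulated zone holding the quoted wildcard PTR. The single AAAA address and all function names are constructed for illustration, and the wildcard handling is simplified to a zone containing only that one record.

```python
import ipaddress

# Constructed zone data (assumption): the wildcard PTR from the quoted message,
# plus a single forward AAAA record for the shared name.
PTR_WILDCARD_ORIGIN = "6.7.6.2.7.6.7.0.1.0.0.2.ip6.arpa"
PTR_WILDCARD_TARGET = "home-ipv6-customer.isp.net."
FORWARD_AAAA = {
    "home-ipv6-customer.isp.net.": {ipaddress.IPv6Address("2001:767:2676::1")},
}

def lookup_ptr(addr):
    """Return the PTR target for addr, or None if the name is outside the zone."""
    qname = ipaddress.IPv6Address(addr).reverse_pointer  # nibble form, no trailing dot
    # The wildcard answers for any name at least one label below the origin.
    if qname.endswith("." + PTR_WILDCARD_ORIGIN):
        return PTR_WILDCARD_TARGET
    return None

def lookup_aaaa(name):
    """Return the set of AAAA addresses published for name (empty if none)."""
    return FORWARD_AAAA.get(name, set())

def check_existence(addr):
    """Existence check: the PTR target has some AAAA record, whatever it is."""
    name = lookup_ptr(addr)
    return name is not None and bool(lookup_aaaa(name))

def check_matching(addr):
    """Matching check: the PTR target's AAAA set contains the original address."""
    name = lookup_ptr(addr)
    return name is not None and ipaddress.IPv6Address(addr) in lookup_aaaa(name)

if __name__ == "__main__":
    # Constructed sample addresses: two inside the wildcard's /48, one outside it.
    for a in ("2001:767:2676::1", "2001:767:2676:abcd::42", "2001:db8::1"):
        print(a, "existence:", check_existence(a), "matching:", check_matching(a))
```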
