kumari> I think that there is consensus that it is stupid. There is also
kumari> consensus that using a fork to get the stuck toast out of the
kumari> toaster is a bad idea -- however....
york> I'm not sure that there's necessarily a whole lot of value in us
york> coming out with a document "Using PTRs To Reject SSH Connections
york> Considered Harmful" - I don't know that our doing so will
york> necessarily motivate the authors of SSH servers to change
york> anything. Certainly I think the SSH case could be listed in your
york> document of bad things people do with PTRs in IPv4 that will break
york> in IPv6.

Yup... There is discussion in a couple of distro web sites on changing this default but while most novice sysadmins will tend to use distros, if they upgrade, it doesn't stomp the /etc files. That's usually a feature. In this case, it means we're going to be living with this bad default for a while. But no reason not to talk to our friends that work on debian/freebsd et al and have them change the default to at least not make it worse but it will be around a while.

I would say that this is a situation where the part of the v6 PTR space we seem to be more inclined to argue about (broadband/consumers) are probably not being bit as much by this. Most won't use ssh and those of us that do use ssh over v6 probably do know our friendly sysadmin (or have ways of getting PTRs fixed by hand).

So as we resurrect the reverse mapping considerations draft, we point out there that doing this check seems to be current default but that it isn't useful/helpful? That and get the distros to fix the default?

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop