Ted Lemon wrote: ... > 3. For ssh, PTR records are completely useless, so there is no reason to add > them to address this use case. > I am not trying to justify their use, and have no specific knowledge about how the practice got started, but would observe that 15+ years ago a ptr existence check would have been a cheap dos mitigation technique given that checking invalid credentials had a large impact on cpu's of the day. It may be worth pointing out that cpu cycles are cheap, and that the time / networking resources needed to do a ptr check may now exceed the cost of just accepting all connection attempts.
Tony _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
