> On 15 mar 2015, at 21:19, Ondřej Surý <[email protected]> wrote: > > This is really vague memory of it, but the main problem was that NSEC > enumeration with public whois allowed data scraping.
Ok, but the real problem was then that all registered domain names where also delegated? Together with all data existing in Whois? Not really DNSSEC related. > Thus whois rate limiting, implementation of "hide-this" flags and NSEC3 was > deployed to prevent majority of it. Some limits were also implemented in the > registry to prevent cross-registrar data digging via EPP. Ok. paf
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
