Hi,
draft-hoffman-dns-terminology-02 has the following definition:
Passive DNS -- A mechanism to collect large amounts of DNS data by
storing queries and responses from many recursive resolvers. Passive
DNS databases can be used to answer historical questions about DNS
zones such as which records were available for them at what times in
the past.
I think this is referring to the concept originally described in Florian
Weimer's "Passive DNS Replication" paper [0], which sort of combines the
collection and retention aspects into a single term. Also, scale
("large", "many") may be an interesting property of a particular
deployment, but it isn't really intrinsic to the definition of the term.
Nor do all systems collect both queries and responses (some only collect
responses). I would propose something like the following instead:
Passive DNS Replication -- A mechanism to collect and store resource
records by observing responses, usually those sent by authoritative
servers. Passive DNS databases can be used to recover DNS records
which were served in the past, and may allow certain kinds of
"inverse" searches of the stored records. Sometimes shortened to
"passive DNS".
[0] http://www.enyo.de/fw/software/dnslogger/first2005-paper.pdf
--
Robert Edmonds
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
