-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I think the distinction here is really important. Precise language, or
lack thereof, results in unfortunate conclusions.
$bystander;
- - ferg
On 3/17/2015 7:56 PM, Robert Edmonds wrote:
> Hi,
>
> draft-hoffman-dns-terminology-02 has the following definition:
>
> Passive DNS -- A mechanism to collect large amounts of DNS data by
> storing queries and responses from many recursive resolvers.
> Passive DNS databases can be used to answer historical questions
> about DNS zones such as which records were available for them at
> what times in the past.
>
> I think this is referring to the concept originally described in
> Florian Weimer's "Passive DNS Replication" paper [0], which sort of
> combines the collection and retention aspects into a single term.
> Also, scale ("large", "many") may be an interesting property of a
> particular deployment, but it isn't really intrinsic to the
> definition of the term. Nor do all systems collect both queries and
> responses (some only collect responses). I would propose something
> like the following instead:
>
> Passive DNS Replication -- A mechanism to collect and store
> resource records by observing responses, usually those sent by
> authoritative servers. Passive DNS databases can be used to recover
> DNS records which were served in the past, and may allow certain
> kinds of "inverse" searches of the stored records. Sometimes
> shortened to "passive DNS".
>
> [0] http://www.enyo.de/fw/software/dnslogger/first2005-paper.pdf
>
- --
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
Key fingerprint: 19EC 2945 FEE8 D6C8 58A1 CE53 2896 AC75 54DC 85B2
"I am tormented with an everlasting itch for things remote. I love to
sail forbidden seas." - Herman Melville
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iF4EAREIAAYFAlUI6wwACgkQKJasdVTchbI9/gD+K1nnPd3vdyLiFxlM0PX32qjV
7LoqcOqoFhaJrkKLRrIA/2DiN29kdv/oNgfXbn3zdA4s8C7zcSHB4EiB9e4ggaj/
=EAZj
-----END PGP SIGNATURE-----
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
