On Thu, Sep 07, 2017 at 11:21:07AM -0400, Paul Wouters <p...@nohats.ca> wrote a message of 11 lines which said:
> > This way, requests for anything.internal which leaked at the root > > would receive an insecure denial of existence (since there is no > > DS for .internal). Problem solved, no? > > Wouldn't that be a secure denial of existence? Yes, sorry. [It may create funny interactions with RFC 8198 but I suspect that resolvers that leak .internal queries won't implement RFC 8198 anyway.] _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
