Paul Vixie wrote: > dns content filtering can be triggered by response data also, and not just by > the dns request (which itself might not be the initial request.) in common use > by dns firewalls, for example those using DNS RPZ, policy might be triggered > by the iteration through an authoritative name server address, or an > authoritative name server name, or by the response (answer) address, or even > by the stub client's IP address.
Was DNS intentionally designed to be insecure? thanks, Rob
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
