Op 2 okt 2023 om 11:04 heeft libor.peltan <libor.pel...@nic.cz> het volgende geschreven:
> I would even rather see a recommendation that firewalls and middleboxes > don't do any kind of DNS packet handling. Why should they? DNS traffic is for > DNS servers and they are the most capable entity for handling them, including > FORMERR responses on wrongly formatted queries. Given that firewalls and middleboxes that do DNS packet handling are widely deployed and, in fact, best current practice amongst some groups of operators, I think any crusade in that direction would be better to describe in a different document. There are a whole pile of considerations around whether it's useful to make such a recommendation that are well outside the scope of this one. Joe _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
