On Wed, Jan 8, 2025 at 4:00 PM Paul Vixie <p...@redbarn.org> wrote: > > On Wednesday, January 8, 2025 11:52:03 PM UTC Watson Ladd wrote: > > > On Wed, Jan 8, 2025, 10:53 AM Paul Vixie > > > <paul=40redbarn....@dmarc.ietf.org> wrote: > > > > > > > ... > > > > > > Maybe I'm missing something but if the attacker is just filling the > > > cache on a recursive resolver they cooperate with the origin to get > > > the responses. > > > that's how random subdomain attacks work, yes. RRL can help but not enough.
The attacker's authoritative will not implement whatever feature you come up with to ease the load on the resolver. Sincerely, Watson -- Astra mortemque praestare gradatim _______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
