True, but many smaller networks don't particularly care about DNS, and
are only willing to put in a token effort due to lack of personnel and
lack of understanding.
What problem are we trying to solve? If its "small networks have good dns",
then unfortunately we do need to keep that in mind.
-pe
Running critical infrastructure isn’t “easy” so if a relatively short document
scares people off then that’s probably not the worst thing.
I don’t mean to be dismissive of your comments, but providing a DNS resolver to
users while not super complicated in many respects is a serious undertaking.
I think all three would do a great job, but I would like to support Doris
for WG Co-Chair.
--
Brain, n.:
The apparatus with which we think that we think.
-- Ambrose Bierce, "The Devil's Dictionary"
--
To unsubscribe from this mailing list, get a password reminder, or c
If I recall correctly, someone just mentioned at the mic during the BCOP BOF
session that such a long list of recommendations might actually scare people
off from running their own resolver.
Maybe adding a short paragraph in the introduction like the one below might
address this:
"Operators int
Moin!
On 26 Nov 2023, at 18:01, Shane Kerr wrote:
> ### Aggressive NSEC caching
>
> **Aggressive NSEC caching should be enabled.**
>
> For: Public resolver operators.
>
> "Aggressive NSEC caching", meaning negative caching based on NSEC and
> NSEC3 values, can reduce traffic greatly. It is importa
