So, sorry I added an example set and we rat-holed on those.
My point is that the recursive reoslver has no idea why an authoritative
is unreachable and that doing anything like sending stale records is
going to cause unintended problems.
-chris
___
DN
On Mon, Mar 4, 2019 at 11:00 PM Paul Wouters wrote:
> On Tue, 5 Mar 2019, Mark Andrews wrote:
>
> >> On Tuesday, 5 March 2019 02:21:42 UTC Christopher Morrow wrote:
> >>> can I ask, what happens when a domain is intentionally down though? For
> >>> ins
On Mon, Mar 4, 2019 at 9:26 PM Paul Vixie wrote:
> On Tuesday, 5 March 2019 02:21:42 UTC Christopher Morrow wrote:
> > can I ask, what happens when a domain is intentionally down though? For
> > instance, take .eg... ~4yrs back? (maybe 5?) Someone requested that the
> > mas
can I ask, what happens when a domain is intentionally down though? For
instance, take .eg... ~4yrs back? (maybe 5?) Someone requested that the
master/shadow NS go down, hard. All public auth servers eventually (in a
day or so) went dark too.
If someone is 'ordered' to make a zone dark, there may
darn, I keep reading 'client-id' as 'client subnet' :( back in my hole I go.
On Tue, Jul 25, 2017 at 9:53 AM, Christopher Morrow wrote:
>
>
> On Tue, Jul 25, 2017 at 5:55 AM, Ted Lemon wrote:
>
>> On Jul 24, 2017, at 8:59 PM, Christopher Morrow
>&g
On Tue, Jul 25, 2017 at 5:55 AM, Ted Lemon wrote:
> On Jul 24, 2017, at 8:59 PM, Christopher Morrow
> wrote:
>
> and at the cache->auth layer it's potentially the case that the provider
> can say: "use precision of /24" or "use precision of /17" ? So,
On Thu, Jul 20, 2017 at 1:54 PM, Ted Lemon wrote:
> It would be nice if there were an RFC to point to that used a method that
> didn't include PII. For the use cases of which I am ware, there is no
> need to identify individual devices: only policies. What's lacking is a
> way to do this in t
On Jul 19, 2016 8:36 AM, "Ralf Weber" wrote:
>
>
> Except that if you have a decent size and hot Cache with refreshing
> these records will be in there anyway. IMHO you gained nothing, but I
> agree with Jim Reid that it would be good to have data on this.
Nothing except some DNS round trips.
How
On Wed, Jul 13, 2016 at 3:42 PM, John R Levine wrote:
> why all that complexity? if some remote device (iot thingy) wants 'dns over
>> http' why would it not (as a first order answer) just ask
>> /cgi-bin/dnslookup for 'srv:foo.com' ? (returned answer in txt, json,
>> etc...)
>>
>> why bother wit
On Wed, Jul 13, 2016 at 10:59 AM, Tony Finch wrote:
> Shane Kerr wrote:
> >
> > OTOH, I am (obviously) not a web developer, so perhaps I overestimate
> > the difficulty in working with DNS binary-format. Maybe it's a
> > relatively compact set of JavaScript functions that can be used?
>
> It wou
On Wed, Jan 21, 2015 at 4:53 PM, John Heidemann wrote:
> I don't see how DoS is an argument against TCP for DNS. (Unless one
> assumes hardware and software at the servers is fixed to something like
> 2004 standards.) What am I missing?
What's the average client load expected (number of unique
On Tue, Dec 9, 2014 at 12:12 PM, Randy Bush wrote:
> this is an amusing list. i can understand EXAMPLE, LOCALHOST, and TEST.
> maybe even WHOIS and WWW. but the rest sure look as if lawyers wanted
> and got what is in effect a super trademark.
I am shocked that there are lawyers in the naming
#1 - support doing the work to finalize the edns-client-subnet standard.
now... (I hope my inline response is accepted by the readers of this
wg's list, I would note that someone's quoting is all jacked up... oh
well)
On Thu, May 8, 2014 at 12:17 PM, Paul Vixie wrote:
>
>
> Ralf Weber wrote:
>
On Wed, Apr 2, 2014 at 11:31 AM, Christopher Morrow
wrote:
> On Wed, Apr 2, 2014 at 11:19 AM, π Roy Arends wrote:
>
>> Just a thought that occured to me. Crypto-maffia folk are looking for a
>> minimum (i.e. at least so many bits otherwise its insecure). DNS-maffia folk
&g
On Wed, Apr 2, 2014 at 11:19 AM, π Roy Arends wrote:
> Just a thought that occured to me. Crypto-maffia folk are looking for a
> minimum (i.e. at least so many bits otherwise its insecure). DNS-maffia folk
> are looking for a maximum (i.e. at most soo many bits otherwise
> fragmentation/fallba
On Thu, Mar 27, 2014 at 2:39 PM, Nicholas Weaver
wrote:
>
> On Mar 27, 2014, at 11:18 AM, Christopher Morrow
> wrote:
>
>> On Thu, Mar 27, 2014 at 10:52 AM, Paul Hoffman wrote:
>>> Yes. If doing it for the DNS root key is too politically challenging, maybe
>&g
On Thu, Mar 27, 2014 at 10:52 AM, Paul Hoffman wrote:
> Yes. If doing it for the DNS root key is too politically challenging, maybe
> do it for one of the 1024-bit trust anchors in the browser root pile.
why would this be politically sensitive?
___
DN
If I have a patch which makes no sense, will you also add it?
On Mar 22, 2014 1:25 PM, "Paul Vixie" wrote:
>
>
> bert hubert wrote:
> > ...
> >
> > 43.504115 IP x.y.117.10.0 > 192.175.48.6.53: 6365+ SOA?
> 168.192.in-addr.arpa. (38)
> > 45.504152 IP x.y.117.10.0 > 192.175.48.6.53: 6365+ SOA?
> 16
On Mon, Jun 17, 2013 at 10:19 PM, Mark Andrews wrote:
>
> In message
> ,
> Christopher Morrow writes:
>> On Mon, Jun 17, 2013 at 8:49 PM, Mark Andrews wrote:
>> >> Unfortunately the former are far too prevalent. It's undoubtedly too
>> >> late,
On Mon, Jun 17, 2013 at 8:49 PM, Mark Andrews wrote:
>> Unfortunately the former are far too prevalent. It's undoubtedly too
>> late, but unfortunately it might have been better to do the
>> fragmentation within the UDP payload (i.e. inside DNS) somehow (c.f.
>> http://tools.ietf.org/html/rfc5405
On Fri, Feb 15, 2013 at 5:05 PM, Paul Ebersman wrote:
>
> nick> I like this and think it should be adopted as a WG doc. Am not
> nick> going to volunteer for formal document review, but would be happy
> nick> to run + provide feedback for this sort of code in a live
> nick> environment.
>
> I als
On Tue, Oct 9, 2012 at 11:13 AM, Antoin Verschuren
wrote:
> So enough prior art.
> Question is more if we need action and if so what.
> I don't have any knowledge about the US patent system, or any patent
> system as a matter of fact.
perhaps the questions to ask are:
1) does it hurt the filing
On Wed, Mar 31, 2010 at 1:55 PM, Dan Wing wrote:
> But Remi's point is that those same systems (running Windows XP
> and IE6) using 6rd will be denied the ability to access content
> via IPv6. Β Which removes an incentive for ISPs to add 6rd (and
> offload the NAT44 they may soon have to install).
On Tue, Mar 30, 2010 at 10:58 AM, Andrew Sullivan wrote:
> On Tue, Mar 30, 2010 at 01:46:07PM -0400, Edward Lewis wrote:
>>
>> Why is there a need to wean people off IPv4?
>
> Because we're about to run out of v4 addresses, according to the
> people in charge of giving them out.
all that means is
On Wed, Mar 31, 2010 at 10:41 PM, Patrick W. Gilmore wrote:
> On Apr 1, 2010, at 12:29 AM, John Jason Brzozowski wrote:
>
>> Not necessarily, if a dual stack hosts communicates with a recursive name
>> server over both IPv4 and IPv6 and other conditions are met then I believe
>> it would be fine b
2009/8/3 Florian Weimer :
> * JINMEI Tatuya / η₯ζιε:
>
>> What does a recursive server that implements the DNS redirect service
>> do in this case?
>
> Empty responses are typically rewritten. "NXDOMAIN redirect" is a
> misnomer.
>
>> then I guess authoritative server implementors who don't like
>>
26 matches
Mail list logo
