Re: [DNSOP] Resolver behaviour with multiple trust anchors

2017-11-01 Thread Patrik Wallstrom
If I remember the discussions correctly, there was a sense that the resolver decides the local policy. And that yes, those are the three options. Perhaps the options should be made more clear in a text somewhere. On Tue, 31 Oct 2017, Ólafur Guðmundsson wrote: There are three ways to treat this

Re: [DNSOP] DNSOP Call for Adoption draft-vixie-dns-rpz

2016-12-22 Thread Patrik Wallstrom
On 2016-12-21 21:44, Nolan Berry wrote:
> Hello,
>
> I will keep my feedback short and to the point. We have implemented RPZ across our resolvers and it has been a fantastic tool to stop botnet C&Cs and outbound DDoS attacks. I just wanted to say it has been an extremely valuable tool

[DNSOP] DNS test protocol

2007-11-13 Thread Patrik Wallstrom
Hi, .SE is currently performing DNS tests of consumer broadband routers as we have had problems with DNSSEC and these types of products (EDNS0 and so on). We have been running a number of tests using the attached test specification. However, we would like to broaden the scope of our tests to inclu

Re: [DNSOP] DNS test protocol

2007-11-13 Thread Patrik Wallstrom
Sorry, the attachment was missing.

--
Patrik Wallström
Project Manager, R&D
.SE (Stiftelsen för Internetinfrastruktur)
E-mail: [EMAIL PROTECTED]
Web: http://www.iis.se/

DNS test protocol for SOHO-routers
*** Is the router EDNS0 capable

Re: [DNSOP] Kaminsky on djbdns bugs (fwd)

2008-08-12 Thread Patrik Wallstrom
On Aug 12, 2008, at 6:56 PM, Dean Anderson wrote: This message seems to answer many of the questions over the last few days. .SE have 922 domains with DS records. The lack of .COM domains is probably because .COM is not signed. It is much easier to put a trust anchor in your resolver for

Re: [DNSOP] KSK rollover

2010-05-13 Thread Patrik Wallstrom
On May 13, 2010, at 9:56 AM, George Barwood wrote:
> I have been thinking about KSK rollover in my DNSSEC implementation, and it seems that there is currently no specification for KSK rollover within the DNSSEC protocol.
>
> There is this expired requirements draft
>
> http://tools.iet

Re: [DNSOP] on "Negative Trust Anchors"

2012-04-15 Thread Patrik Wallstrom
On Apr 14, 2012, at 1:38 AM, David Conrad wrote:
> On Apr 13, 2012, at 3:30 PM, Jaap Akkerhuis wrote:
>>> More pragmatically, while I understand the theory behind rejecting NTAs, I have to admit it feels a bit like the IETF rejecting NATs and/or DNS redirection. I would be surprised if fo

Re: [DNSOP] CPE devices doing DNSSEC

2014-03-09 Thread Patrik Wallstrom
On 09 Mar 2014, at 09:28, Patrik Fältström wrote:
> On 2014-03-08 09:00, Mark Andrews wrote:
>> They have failed to invent / document a common standard way for machine updates to work. They could have quite easily got together anytime in the last decade and done a standardised update prot

Re: [DNSOP] CPE devices doing DNSSEC

2014-03-09 Thread Patrik Wallstrom
On 09 Mar 2014, at 13:19, Patrik Fältström wrote:
> On 2014-03-09 10:19, Patrik Wallstrom wrote:
>> But the fact is that EPP is several magnitudes better harmonized between TLDs compared to what registrars are offering their customers. There is no way around that toda