On Tue, 4 Jan 2011, David F. Skoll wrote:

On Tue, 4 Jan 2011 06:18:55 -0800 (PST)
John Hardin <jhar...@impsec.org> wrote:

DNS needs to deal with an exponentially-increased address space
regardless of how RBLs behave. Perhaps DNS caching needs to be
partitioned so that a huge number of queries on *.spamhaus.org don't
blow everything else out of the cache.

Right, but once your cache is blown, you're back to always querying
the authoritative server.  John Levine proposes a fix with a clever way
to represent many entries with a small number of queries so you don't blow
your cache.

In the vein of DNS changes needed for IPv6 (vs. simply SA and DNSBLs) what _other_ applications would benefit from JL's tree proposal? (I confess I haven't read the paper yet...)

I think making zone files available for download so you can run your own authoritative servers is another good approach, especially for whitelists.

Oh, agreed. But I don't think it's the _only_ alternative.

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhar...@impsec.org    FALaholic #11174     pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  Health Care _is_ a right - the government has no business keeping
  you from getting it. But forcing somebody else to pay for your
  health care at gunpoint (i.e. through taxation) is _not_ a right.
-----------------------------------------------------------------------
 13 days until Benjamin Franklin's 305th Birthday
