Home page logo
/

nanog logo nanog mailing list archives

Re: AW: Odd policy question.
From: "David W. Hankins" <David_Hankins () isc org>
Date: Fri, 13 Jan 2006 14:48:04 -0800

On Fri, Jan 13, 2006 at 12:07:11PM -1000, Randy Bush wrote:
and thereby hiding the fact that someone has either lame delegated
or i have forgotten to remove an auth zone, both cases i want to
catch.  not a win here.

Responding with stale data is, arguably, more damaging than failing
to respond at all.

So much so that the SOA expiry field serves to protect us from this
threat.

So, even though Randy is wrong for wanting to catch misconfigurations
by producing incorrect data, I also don't see where Joe is coming from.

If I hosted my domain with someone whose server was answering recursive
queries, I would probably use a lower value for expiry than I normally
would otherwise.

-- 
David W. Hankins                "If you don't do it right the first time,
Software Engineer                       you'll just have to do it again."
Internet Systems Consortium, Inc.               -- Jack T. Hankins

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]