[dns-operations] "Rogers: NXDOMAIN means NXSERVICE for you"
Fergie
fergdawg at netzero.net
Wed Jan 3 19:41:57 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -- Matt Ghali <matt at snark.net> wrote:
>On Wed, 3 Jan 2007, Fergie wrote:
>
>> It's easy to see that, if the checks are not made somewhat more
>> bulletproof, you senselessly cut off your downstream customers.
>
>It's also likely that the heuristics work extremely well for the
99.98 customers using their resolvers, who have a few random Windows
boxes behind their CPE.
>
>Anyone doing anything more complex than that really should be
running their own caching nameserver, for a variety of reasons
besides this anyway.
>
>Lets be careful about demonizing ISPs for not addressing the zombie
problem, and then demonizing them again for trying to be more
responsible.
>
If you interpreted my remarks as "demonizing" ISP's for trying
to do a Good Thing, then you misunderstood (or I was articulate
enough). :-)
Either way, I think it's fine that they're trying to address the
problem (and it is a huge one at that) -- I can just imagine being
on the customer-end of a "false positive" and being kind of miffed. :-)
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.2 (Build 4075)
wj8DBQFFnAcAq1pz9mNUZTMRAja+AKDJi81CFZuNvrmzVSPOHAnKeLa21wCghVZ4
OpRgD1JYL23YqyYk+syFODA=
=RADX
-----END PGP SIGNATURE-----
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the dns-operations
mailing list