[dns-operations] Concerns regarding the ICANN/IANA DNS vulnerability checker

Andrew Sullivan ajs at commandprompt.com
Tue Aug 19 15:30:19 UTC 2008

On Tue, Aug 19, 2008 at 04:16:04PM +0200, Peter Koch wrote:
> On Tue, Aug 19, 2008 at 01:59:08PM +0200, Roy Arends wrote:
> > Another reason, and this is not that known, is that the authoritative  
> > server needs to notify others at times, and needs to resolve and cache  
> > those addresses, despite its configuration.
> Yes, and whether this information should be used for anything else but
> sending NOTIFY messages, is arguable.

Hmm, this is an interesting point.  We normally talk about "cache" for
name servers, but Peter's remarks seems to suggest thinking about
different kinds of caches, and the rules about data from one getting
into the other(s).  Is this a distinction we want to make, and is it
compatible with the current RFCs?


Andrew Sullivan
ajs at commandprompt.com
+1 503 667 4564 x104

More information about the dns-operations mailing list