[dns-operations] DNS zone transfers are now illegal in North Dakota?
bmanning at vacation.karoshi.com
bmanning at vacation.karoshi.com
Thu Jan 17 20:01:37 UTC 2008
On Thu, Jan 17, 2008 at 02:07:43PM +0000, Paul Vixie wrote:
> if i were an expert witness for either side, i'd argue as follows.
>
> negative: since zone transfer is not necessary for normal internet access
> to the spammer's servers, there is no reason for mr. ritz to fetch the zone
> other than to violate the spammer's privacy. this is no different from port
> knocking. by analogy, just because i leave my car unlocked and my keys on
> the seat doesn't mean i invite unknown third parties to drive my car around.
er, "... violate the spammer's PRIVACY." ????
if the data is IN a zone file, kind of by definition its
not private. get the data in bulk (via *XFR) or as a stream
(via QUERY)... the data is there so that it can be retreieved. **
or am I misunderstanding the DNS again?
--bill
** NSEC v NSEC3 debates all over agin.
More information about the dns-operations
mailing list