[dns-operations] How much trouble am in in on May 5?

Joe Abley jabley at hopcount.ca
Wed May 5 14:16:06 UTC 2010


On 2010-05-05, at 14:11, Edward Lewis wrote:

> At 12:26 +0200 5/5/10, Joe Abley wrote:
> 
>> Clients who request answers over UDP without EDNS0 (the clients you're
>> talking about, following the original DNS spec size) cannot set the DO bit,
>> and hence ought not receive larger responses.
> 
> Except for the example below.

Granted. I should have clarified that I was talking about referrals and priming responses, since the context is things that make the DNS work today that might break tomorrow.

> Granted, a DNSKEY query wouldn't be done unless you were thinking about DNSSEC.

Yeah.

On 2010-05-05, at 15:18, George Barwood wrote:

> dig @j.root-servers.net . ANY
> 
> does not require DNSSEC thoughts. I wouldn't anticipate problems with this though,
> although there are potential issues with qmail when signing mail domains later on.


Do you know of a resolver that issues such a query as part of a recursive lookup that a real Internet user might trigger?


Joe


More information about the dns-operations mailing list