[dns-operations] Limiting DNSSEC-based amplification attacks (Was: Weird TXT record
David Conrad
drc at virtualized.org
Fri Jun 24 23:15:55 UTC 2011
Rick,
On Jun 24, 2011, at 11:49 AM, Rick Jones wrote:
> That depends on how reasonable/legitimate it is felt to toss the baby of a non-caching resolver talking to an authoritative server out with the bathwater of an attack.
I'm curious: can you point to a non-caching resolver with non-trivial deployment? (Not denying they exist, honestly curious).
Regards,
-drc
More information about the dns-operations
mailing list