[dns-operations] Limiting DNSSEC-based amplification attacks
randy at psg.com
Wed Jun 29 11:13:27 UTC 2011
> Adding overhead to your operation in order to mitigate the
> effects of someone else's negligence not only subsidizes that
> negligence, but also leads to a situation in which any future
> disengagement will likely cause damage and bring blame on
> your operation.
i call this the "do gooder" software phenomenon. when you succeed in
covering the garbage, no one notices and thanks you. when you make a
mistake in doing it and cause a mess, you become a notorious ass.
do not be liberal in what you accept. that way lies chaos.
More information about the dns-operations