[dns-operations] AXFR "policy"
sm at resistor.net
Thu Mar 31 22:02:32 UTC 2011
At 09:34 30-03-2011, Florian Weimer wrote:
>Is this the case where a zone file transfer was allegedly used in
>preparation of a security breach?
>The following paragraph tries to make the case that a public offering
>of zone transfers does not actually consent to any use by third
>parties. This position is not completely without merit, but the
>arguments put forth are incorrect.
>Incorrect, for both "administrative domain" and "DNS domain". The
>"DNS domain" part is clear from actual domain data. Some large DNS
>operators use out-of-zone name servers exclusively.
>So most of these arguments are slightly off target or factually
>incorrect. On the other hand, in practice, zones open for transfer
More information about the dns-operations