[dns-operations] Trustworthiness of PTR record targets

Lawrence K. Chen, P.Eng. lkchen at ksu.edu
Tue Mar 4 20:51:47 UTC 2014



On 03/04/14 04:20, Jim Reid wrote:
> On 3 Mar 2014, at 17:26, Stephen Malone <Stephen.Malone at microsoft.com> wrote:
> 
>> 1.       In general, can I trust PTR records? Is ownership of the target domain validated at setup time by ISPs, and if yes, how is this done?
> 
> Define what you mean by "trust" and "validate". For bonus points, define "ownership".
> 

Depends on who's asking?

This question made me think about our IPv6 assignment....our network
manager has a /32, which they had divvied up among the members.  We got
a /44, which is next to the /44 that another university was assigned.

Sometime later, that university said the /44 was not sufficient for
their needs and wanted our /44, which appeared that we weren't using yet....

So, to prevent their request from going forward, it was suggested that I
provide reverse DNS for the space to prove our "ownership" of it.

But, its just an empty zone on our DNS.  As there are no plans to allow
IPv6 (including the tunneling protocols) on our network.

Not sure if the reason to prove "ownership" was because there wasn't
another /44 or for reasons of vanity and/or rivalry...

-- 
Who: Lawrence K. Chen, P.Eng. - W0LKC - Sr. Unix Systems Administrator
For: Enterprise Server Technologies (EST) -- & SafeZone Ally



More information about the dns-operations mailing list