[dns-operations] CloudFlare policy on ANY records changing

Yunhong Gu guu at google.com
Tue Mar 10 00:33:19 UTC 2015


Returning NOTIMP may confuse resolvers as it is not clear "what is not
implemented". A NOTIMP response to an ANY query with EDNS0 option could
cause a retry-without-EDNS0 query, or mislead the resolver to believe that
the nameserver does not support EDNS0.

Yunhong

On Fri, Mar 6, 2015 at 2:10 PM, Paul Vixie <paul at redbarn.org> wrote:

>
>
> Jared Mauch wrote:
>
>  > On Mar 6, 2015, at 11:02 AM, Olafur Gudmundsson <ogud at ogud.com> <ogud at ogud.com> wrote:>
>
> > > By announcing this we are hoping that anyone running un-patched qmail will fix it.
>
> I’m guessing there will be no change.
>
>
> right. most of us blocked IDENT (without ICMP, to force the far end into
> its longest possible state-holding timeout period) in order to communicate
> the offensive futility of a protocol that asked an initiator to help in any
> way to verify the identity behind some other connection emanating from that
> same initiator, and the result was not widespread "IDENT sucks, i'm turning
> it off", but rather, further ignorance and more bliss.
>
> QMAIL users are already accustomed to frequent mystery failures. no matter
> how many authority servers turn off ANY queries, there will be no patching
> of QMAIL and no migration of QMAIL operators to other platforms.
>
> the interesting part of this game will be when mozilla firefox's users
> start switching back to Chrome again because the DNS community's immune
> response to the recent QTYPE=ANY change hits that browser right between the
> eyes. perhaps they'll switch MPR (mozilla portable runtime) to the newer
> "http://getdnsapi.net/" <http://getdnsapi.net/> tech in order to stem
> their losses? anyway i'm going to stock up on popcorn so as to enjoy
> watching this show.
>
> --
> Paul Vixie
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20150309/c472f6fc/attachment.html>


More information about the dns-operations mailing list