[dns-operations] dnsop-any-notimp violates the DNS standards
P Vixie
paul at redbarn.org
Mon Mar 16 23:15:50 UTC 2015
On March 17, 2015 7:42:09 AM GMT+09:00, Michael Sinatra <michael at brokendns.net> wrote:
>
>
>On 03/16/15 07:23, bert hubert wrote:
>
>> Separately, I fail to see why we actually need to outlaw ANY queries
>when we
>> can happily TC=1 them.
>
>If the public recursives also support TC=1 on all ANY queries, then
>this
>works. If not, the issue arises where just-below-the-radar attacks are
>using many public recursives, in which case you're not stopping much.
Michael, what attacks do you think we can stop by limiting ANY? Paul
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
More information about the dns-operations
mailing list