[dns-operations] dnsop-any-notimp violates the DNS standards

P Vixie paul at redbarn.org
Mon Mar 16 23:15:50 UTC 2015

On March 17, 2015 7:42:09 AM GMT+09:00, Michael Sinatra <michael at brokendns.net> wrote:
>On 03/16/15 07:23, bert hubert wrote:
>> Separately, I fail to see why we actually need to outlaw ANY queries
>when we
>> can happily TC=1 them. 
>If the public recursives also support TC=1 on all ANY queries, then
>works.  If not, the issue arises where just-below-the-radar attacks are
>using many public recursives, in which case you're not stopping much.

Michael, what attacks do you think we can stop by limiting ANY? Paul
Sent from my Android device with K-9 Mail. Please excuse my brevity.

More information about the dns-operations mailing list