[dns-operations] sophosxl.net problem?

Paul Vixie paul at redbarn.org
Tue Nov 12 19:32:00 UTC 2019

Joe Abley wrote on 2019-11-11 08:37:
> On 11 Nov 2019, at 11:01, Paul Vixie <paul at redbarn.org> wrote:
>> the fix was called "bind9" which does not leak in this way.
> Perhaps I'm misunderstanding what you mean by "in this way"?

in context, the leak i was talking about was the use of recursive data 
in authoritative answers, coming from servers configured for both.

also note, being able to verify something with dnssec does not make it 
equal to authoritative data, because the TTL won't be the original.

P Vixie

More information about the dns-operations mailing list