<html><head><style>body{font-family:Helvetica,Arial;font-size:13px}</style></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px; color: rgba(0,0,0,1.0); margin: 0px; line-height: auto;">On 2 September 2016 at 15:08:26, Daniel Kalchev (<a href="mailto:daniel@digsys.bg">daniel@digsys.bg</a>) wrote:</div> <div><blockquote type="cite" class="clean_bq" style="font-family: Helvetica, Arial; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><span><div></div><div><br>> On 2.09.2016 г., at 15:38, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:<br>><span class="Apple-converted-space"> </span><br>> On Fri, Sep 02, 2016 at 01:33:08PM +0100,<br>> Tony Finch <dot@dotat.at> wrote<span class="Apple-converted-space"> </span><br>> a message of 33 lines which said:<br>><span class="Apple-converted-space"> </span><br>>> Dropping responses is likely to cause problems with legitimate ANY<br>>> queries.<br>><span class="Apple-converted-space"> </span><br>> And it may help poisoning attacks (the spoofer no longer has a race<br>> with the real server).<br><br>Which is why people go to the trouble of deploying DNSSEC.</div></span></blockquote></div><p>Sounds like a dog chasing its own tail, isn’t it? ;)</p><div id="bloop_sign_1472821927165230080" class="bloop_sign"><p>Cheers,</p><p>-- <br>Nico</p><div><br></div></div></body></html>