<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On 17 November 2016 at 12:56, P Vixie <span dir="ltr"><<a href="mailto:paul@redbarn.org" target="_blank">paul@redbarn.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
<br>
On November 17, 2016 11:17:19 AM GMT+08:00, Matthew Pounsett <<a href="mailto:matt@conundrum.com">matt@conundrum.com</a>> wrote:<br>
>On 17 November 2016 at 12:06, Jim Reid <<a href="mailto:jim@rfc1035.com">jim@rfc1035.com</a>> wrote:<br>
</span>...<br>
<span class="">>Alternatively, 2136 could have defined an RCODE response that indicates<br>
>"never send updates here." The meaning assigned to REFUSED can (and<br>
>is)<br>
>interpreted as a refusal to accept that individual update, and so it's<br>
>perfectly reasonable to assume the next update might be accepted.<br>
<br>
</span>That would have been a DOS vector, so, no.<br><br></blockquote><div>And fair enough. In the absence of DNSSEC that would definitely have been a consideration. </div></div><br></div></div>