On 10/26/2018 01:23 AM, Matus UHLAR - fantomas wrote:
there is not.
Thank you, Matus and Tony, for the direct answer.
using short TTLs is very risky, and forcing minimum TTL is apparently not way to work around.
Understood. - I /think/ that I'm somewhat (dangerously?) informed and /choosing/ my own poison. Maybe.
To be clear, I'm not wanting to artificially lower the TTL. I want to respect any and all TTLs that are longer than my locally administered minimum.
My motivation for setting the minimum TTL (while fully accepting any and all risk and associated responsibility there for) is to thwart DNS Rebinding. Or to at least make it much more difficult (as in longer than my artificial minimum TTL) to do.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
