Joe Abley wrote on 2019-11-11 08:37:
On 11 Nov 2019, at 11:01, Paul Vixie <[email protected]> wrote:
the fix was called "bind9" which does not leak in this way.
Perhaps I'm misunderstanding what you mean by "in this way"?
in context, the leak i was talking about was the use of recursive data
in authoritative answers, coming from servers configured for both.
also note, being able to verify something with dnssec does not make it
equal to authoritative data, because the TTL won't be the original.
--
P Vixie
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
