In message <CADC+-gTgbRQ=vjm8kf23_d+jdvyhi6ndgrxohbdbaj6vfh1...@mail.gmail.com>, Doug Royer writes:
> Firewall issue:
>
> We can't live in fear that only a handful of ports are forever usable
> because of busted firewalls or busted firewall administrators.
>
> I think the decision should be based on what's best for DNS.
>
> I hope that older DNS servers do not crash when getting a new type of packet
> information on port 53.
> I would think that making sure we do not bust existing things should take
> priority.

We, like I suspect every other DNS vendor, expect garbage to appear
on the port / socket having had 1/4 of a century of attempts to
break into machines over DNS behind us.

We really should stop worrying about DNS servers falling over when
something new hits them. They really don't need to be nannied.

> -
> Doug Royer
> [email protected]
> (714)989-6135

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
INTERNET: [email protected]

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
