I am not if I understand all the questions. Is this for an implementation of a recursive (caching) name server?
----- Original Message ----- From: "masataka ohta" <[EMAIL PROTECTED]> > Does the following work to prevent DNS cache contamination > > 1) have no public access on shared media from cache to external > network (to prevent MITM) > Agree with bert. As long as you trust the links. > 2) have separate cache for glue Could the server mark glue RRsets in cache, then trust them when they can be confirmed through subsequent queries? > > 3) cache an answer to a query but activate it only after a > compatible answer is returned for latter query (to protect > against ID space attack) > A later query initiated by the server, or from another client? I think I do not understand this. Scott > ? > > Masataka Ohta > > #---------------------------------------------------------------------- > # To unsubscribe, send a message to <[EMAIL PROTECTED]>. > #---------------------------------------------------------------------- # To unsubscribe, send a message to <[EMAIL PROTECTED]>.
