On Feb 19, 2007, at 10:47, Edward Lewis wrote:

> At 22:23 +0000 2/16/07, Paul Vixie wrote:
>> what i'd like is permission from the IETF community to change our
>> default.
>
> I prefer having the nameserver be told to take extra measures in a
> case like this.

Right. But it depends on what's meant by "extra measures". IMO it's
more than reasonable to have a default that says "don't do reverse
lookups of 1918 addresses on the Internet". This would be a Very Good
Thing. If this was in place, the extra measures would then be for
someone using 1918 addressing to switch off that default and properly
configure their server for the local network.

Perhaps this should apply to reverse lookups on other "special"
address ranges such as link-local 169.254/16 too?

Another desirable default resolver configuration would be to refuse
recursive queries from non-local addresses.

_______________________________________________
DNSOP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dnsop
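
The two defaults proposed in the message above, sketched as a resolver policy check. This is an added example, not part of the original post and not code from any name server. The function names, the action strings, the `serve_special_locally` switch and the sample client networks are all assumptions made for illustration.

```python
import ipaddress

# Ranges named in the thread: RFC 1918 space plus link-local 169.254/16.
SPECIAL_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16")]

def ptr_name_to_network(qname):
    """Map an in-addr.arpa name to the IPv4 network it covers, else None."""
    labels = qname.rstrip(".").lower().split(".")
    if labels[-2:] != ["in-addr", "arpa"]:
        return None
    octets = labels[:-2][::-1]          # reverse tree stores octets backwards
    if not 1 <= len(octets) <= 4:
        return None
    if not all(o.isascii() and o.isdigit() and int(o) <= 255 for o in octets):
        return None
    padded = [str(int(o)) for o in octets] + ["0"] * (4 - len(octets))
    return ipaddress.ip_network("%s/%d" % (".".join(padded), 8 * len(octets)))

def decide(client_ip, qname, local_nets, serve_special_locally=True):
    """Return the action a resolver with the proposed defaults would take.

    REFUSED          - recursive query from a non-local client
    ANSWER_LOCALLY   - name is under a special reverse zone; never sent
                       to the Internet (hypothetical action name)
    RESOLVE_NORMALLY - ordinary recursion, or the operator switched the
                       default off and serves the zone themselves
    """
    client = ipaddress.ip_address(client_ip)
    nets = [ipaddress.ip_network(n) for n in local_nets]
    if not any(client in net for net in nets):
        return "REFUSED"
    net = ptr_name_to_network(qname)
    if (serve_special_locally and net is not None
            and any(net.subnet_of(s) for s in SPECIAL_NETS)):
        return "ANSWER_LOCALLY"
    return "RESOLVE_NORMALLY"

if __name__ == "__main__":
    local = ["192.0.2.0/24"]            # constructed sample client network
    for client, name in [("192.0.2.10", "4.3.2.10.in-addr.arpa."),
                         ("192.0.2.10", "1.0.254.169.in-addr.arpa."),
                         ("192.0.2.10", "1.32.172.in-addr.arpa."),
                         ("198.51.100.7", "www.example.com.")]:
        print(client, name, decide(client, name, local))
```

Matching on the network that a reverse name covers, rather than on string suffixes, is what keeps `1.32.172.in-addr.arpa` (outside 172.16/12) on the normal resolution path while `16.172.in-addr.arpa` stays local.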