On Mon, Feb 19, 2007 at 02:50:56PM +0000, Paul Vixie wrote:
> > > server 10.0.0.0/8 { bogus yes; };
> > > server 172.16.0.0/12 { bogus yes; };
> > > server 192.168.0.0/16 { bogus yes; };
>
> > is there a way to say "if source is in same domain, allow, else deny"?
> > I'd like to allow 10.0.0.53 as a nameserver on *my* (home) network....
>
> you mean, a name server looking at its own fully qualified host name and
> making policy decisions based on that? (sounds Incredibly Dangerous.)
future of the DNS there Paul. The natural growth of local policy.
(fwtw, i think Ed is right - the problem is conflating the protocol
w/ implementaitons artifacts)
--bill
_______________________________________________
DNSOP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dnsop
