On Tue, Mar 28, 2017 at 12:20 PM, Paul Vixie <[email protected]> wrote:
>
> since it allocates no code point and the method requires no interop,
> this draft feels a bit like resimprove, which died on the vine for no
> reason i can now recall. it's harmless as an FYI, but does not belong on
> the standards track.
>
> speaking of resimprove, i hope you'll include in this draft the idea of
> using delegation-TTL as a delegation-recheck interval, and using an
> authoritative NXDOMAIN from the delegator as proof that you need to run
> an "rm -rf" in your cache.
>
> i bring this up because we need to be able to kill more cached data
> faster-- the opposite of stretchiness-- for abuse control reasons. if
> you're going to soften the signaling for cache expiration, you really
> ought to balance that out with this simple method of also hardening it.
>
Hi Paul,
Perhaps you've forgotten (since you participated in the discussions), but
the portion of resimprove that dealt with expunging cached data below the
NXDOMAIN boundary was rescued, expanded on, and published as
RFC 8020 ("NXDOMAIN: There Really is Nothing Underneath") late last
year.
--
Shumon Huque
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
