On 07/08/2017 16:44, Ólafur Guðmundsson wrote:
> This was the original proposal, > the drawback is that resolvers to not cache the answer, and to make > things worse they ask ALL NS addresses for listed domain > thus it acts as a DDoS against the domain in question. Indeed - I've since confirmed that BIND does this. I think my point still stands that this behaviour should be documented in the section that talks about a possible new RCODE and why that option was rejected. kind regards, Ray _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
