On Fri, Feb 15, 2019 at 4:59 AM Stephane Bortzmeyer <[email protected]> wrote:
> On Thu, Feb 14, 2019 at 01:57:14PM -0800, > Paul Vixie <[email protected]> wrote > a message of 42 lines which said: > > > the fact that i have to hotwire my RDNS cache with local zone glue > > in order to reach my own servers when my comcast circuit is down or > > i can't currently reach the .SU authorities to learn where VIX.SU > > is, should not only concern, but also embarrass, all of us. > > I agree that this is an issue (as you said, the simple case of "my own > zone" is easily solved by stub and/or forward zones in BIND) but any > solution must take care of phantom domains. If I register > malware-c-and-c-as-a-service.com and it's taken down, the solution > should not make this domain to work after. (Except of course for > resolvers who decided to configure a stub zone for this domain.) > I think in most solutions, if the name servers for " malware-c-and-c-as-a-service.com" and "com" are both unreachable, the domain should continue to resolve. But if "com" is reachable, and says " malware-c-and-c-as-a-service.com" no longer exists, it should go away. -- Bob Harold
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
