On Fri, Feb 15, 2019 at 4:59 AM Stephane Bortzmeyer <bortzme...@nic.fr> wrote:
> On Thu, Feb 14, 2019 at 01:57:14PM -0800, > Paul Vixie <p...@redbarn.org> wrote > a message of 42 lines which said: > > > the fact that i have to hotwire my RDNS cache with local zone glue > > in order to reach my own servers when my comcast circuit is down or > > i can't currently reach the .SU authorities to learn where VIX.SU > > is, should not only concern, but also embarrass, all of us. > > I agree that this is an issue (as you said, the simple case of "my own > zone" is easily solved by stub and/or forward zones in BIND) but any > solution must take care of phantom domains. If I register > malware-c-and-c-as-a-service.com and it's taken down, the solution > should not make this domain to work after. (Except of course for > resolvers who decided to configure a stub zone for this domain.) > I think in most solutions, if the name servers for " malware-c-and-c-as-a-service.com" and "com" are both unreachable, the domain should continue to resolve. But if "com" is reachable, and says " malware-c-and-c-as-a-service.com" no longer exists, it should go away. -- Bob Harold
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop