On Wed, Jan 8, 2025 at 4:00 PM Paul Vixie <[email protected]> wrote: > > On Wednesday, January 8, 2025 11:52:03 PM UTC Watson Ladd wrote: > > > On Wed, Jan 8, 2025, 10:53 AM Paul Vixie > > > <[email protected]> wrote: > > > > > > > ... > > > > > > Maybe I'm missing something but if the attacker is just filling the > > > cache on a recursive resolver they cooperate with the origin to get > > > the responses. > > > that's how random subdomain attacks work, yes. RRL can help but not enough.
The attacker's authoritative will not implement whatever feature you come up with to ease the load on the resolver. Sincerely, Watson -- Astra mortemque praestare gradatim _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
