On 20/11/2025 17.30, Duane Powers wrote:
I have submitted a new individual draft proposing the EXPIRE opcode, which allows an authenticated authoritative operator to request immediate deletion of a specific RRset from a resolver cache.
I'm afraid that this would even more encourage behavior that is detrimental to the DNS ecosystem.
I.e. we break our DNS, but since we can fix 8.8.8.8 and a few others, it's just fine. I believe that this kind of cache-flushing should be very exceptional for absolute emergency, not something with an automated protocol.
--Vladimir | knot-resolver.cz
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
