I concur with Vladimir.
Anyway, I'd much rather see a BCP draft saying that TTLs in general
SHOULD NOT be larger than 5 minutes (probably both on authoritative side
and the resolvers' own ceiling).
/Libor
On 21. 11. 25 10:47, Vladimír Čunát wrote:
> On 20/11/2025 17.30, Duane Powers wrote:
>> I have submitted a new individual draft proposing the EXPIRE opcode,
>> which allows an authenticated authoritative operator to request
>> immediate deletion of a specific RRset from a resolver cache.
>
> I'm afraid that this would even more encourage behavior that is
> detrimental to the DNS ecosystem.
> I.e. we break our DNS, but since we can fix 8.8.8.8 and a few others,
> it's just fine. I believe that this kind of cache-flushing should be
> very exceptional for absolute emergency, not something with an
> automated protocol.
> --Vladimir | knot-resolver.cz
_______________________________________________
DNSOP mailing list [email protected]
To unsubscribe send an email [email protected]