Re: [DNSOP] Big reduction in the number of DNS KillSwitches
On Saturday, August 8, 2015, Roy Arends r...@dnss.ec wrote: On 9 Aug 2015, at 01:11, manning bmann...@karoshi.com javascript:; there are other DNS Kill Switches still out there. Yeah? Which ones? I'll tell you in 18 - 24 months... :-P W Roy ___ DNSOP mailing list DNSOP@ietf.org javascript:; https://www.ietf.org/mailman/listinfo/dnsop -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Big reduction in the number of TLD zones blocking EDNS(1) queries
On 08/09/2015 01:29 AM, Joe Abley wrote: At a guess I would imagine that the widespread interest in the most recent BIND9 assertion failures with TKEY queries have caused code to be upgraded everywhere. That seems unlikely to me. Many operators only deploy minimal changes, *especially* during an unscheduled security update. If you were running BIND 9.3 before, you are essentially running it afterwards as well. -- Florian Weimer / Red Hat Product Security ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop