On 9/30/2011 6:21 PM, Shawn Bakhtiar wrote:
We came to the conclusion that no matter how much we wanted it to
not be true, people find a way to do NXDOMAIN if they want to. The
issue is not ours to push, it's between the ISP and the customer
ultimately, and people will do it -- and more
At 14:52 29-09-2011, Michael Graff wrote:
We came to the conclusion that no matter how much we wanted it to
not be true, people find a way to do NXDOMAIN if they want to. The
issue is not ours to push, it's between the ISP and the customer
ultimately, and people will do it -- and more
*except that perhaps those who enable this feature will use it as an
excuse to avoid enabling validation, which would be a very bad result
+1 +1
A *very* bad result.
-JP
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
On 30.09.2011 03:32, 刘明星:) wrote:
How does ISP use a proxy to filters answers and returns whatever they want to
the customer?
BIND can do that for you with Response Policy Zones (DNS RPZ).
See
On 29.09.2011 23:06, Bill Owens wrote:
*except that perhaps those who enable this feature will use it as an excuse
to avoid enabling validation, which would be a very bad result, IMO. . .
My reading of the docs says that BIND's NXDOMAIN redirections won't
break DNSSEC-signed results:
If the
On Fri Sep 30 2011 at 11:50:51 CEST, Hauke Lampe wrote:
*except that perhaps those who enable this feature will use it as an excuse
to avoid enabling validation, which would be a very bad result, IMO. . .
My reading of the docs says that BIND's NXDOMAIN redirections won't
break
. . . both Evan's blog post http://www.isc.org/community/blog/201109/isc-bind-990a1-feature-preview
and the announcement of next week's webinar include NXDOMAIN
redirection as the first new feature. I'm really surprised by that
- is this something that BIND users were clamoring for?
Yes.
On 9/30/11 10:12 AM, John Wobus jw...@cornell.edu wrote:
I'm a BIND user who is clamoring to keep such a feature out of BIND.
In reality, there are plenty of you (us)... However, as usual (and
particularly for anything ruled by committee), a few (often with the most
capital) will ruin it for
On Thu, Sep 29, 2011 at 04:52:10PM -0500, Michael Graff wrote:
I'm happy you read it, and hope to see you at the forum/customer webinar next
week! I'll be speaking, and will bring my fireproof undies.
I'm already signed up, but no worries about flaming - at least not from me ;)
We came to
(without redirecting) content. Important part being the sanctioning of.
http://en.wikipedia.org/wiki/DNS_hijacking
Date: Fri, 30 Sep 2011 17:15:01 -0400
From: ow...@nysernet.org
To: mgr...@isc.org
Subject: Re: NXDOMAIN redirection in BIND 9.9
CC: bind-users@lists.isc.org
On Thu, Sep 29
On 9/30/2011 6:21 PM, Shawn Bakhtiar wrote:
We came to the conclusion that no matter how much we wanted it to not
be true, people find a way to do NXDOMAIN if they want to. The issue
is not ours to push, it's between the ISP and the customer ultimately,
and people will do it -- and more
I've obviously been asleep and not following along with the announcements of
new features in BIND 9.9 until today. . . both Evan's blog post
http://www.isc.org/community/blog/201109/isc-bind-990a1-feature-preview and
the announcement of next week's webinar include NXDOMAIN redirection as the
On Sep 29, 2011, at 4:06 PM, Bill Owens wrote:
I've obviously been asleep and not following along with the announcements of
new features in BIND 9.9 until today
I'm happy you read it, and hope to see you at the forum/customer webinar next
week! I'll be speaking, and will bring my fireproof
How does ISP use a proxy to filters answers and returns whatever they want to
the customer?
Mingxing, Liu
CNNIC
liumingx...@cnnic.cn
发件人: Michael Graff
发送时间: 2011-09-30 05:52:48
收件人: owens
抄送: bind-users
主题: Re: NXDOMAIN redirection in BIND 9.9
On Sep 29, 2011, at 4:06 PM, Bill
14 matches
Mail list logo