Root Server Operators (Re: What *are* they smoking?)
Jack Bates
jbates at brightok.net
Thu Sep 18 14:31:27 UTC 2003
Paul Vixie wrote:
> actually, i had it convincingly argued to me today that wildcards in root
> or top level domains were likely to be security problems, and that domains
> like .museum were the exception rather than the rule, and that bind's
> configuration should permit a knob like "don't accept anything but delegations
> unless it's .museum or a non-root non-tld". i guess the ietf has a lot to
> think about now.
>
Paul,
I would argue as seen in some of my other posts, that the wildcard
feature of .museum is not always wanted either. Would it not be wise to
push forward into the future with support for software to request if it
wants a wildcard or not? While a wildcard bit is ideal, there are
methods of determining wildcard programatically. Being able to cache and
handle such information is important as different applications have
different requirements.
After all, is this the Internet or just the World Wide Web? wildcards at
the roots are catering solely to the web and disrupting other protocols
which require NXDOMAIN.
-Jack
More information about the NANOG
mailing list