AW: Odd policy question.

• Previous message (by thread): AW: Odd policy question.
• Next message (by thread): AW: Odd policy question.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jan 13, 2006 at 12:07:11PM -1000, Randy Bush wrote:
> and thereby hiding the fact that someone has either lame delegated
> or i have forgotten to remove an auth zone, both cases i want to
> catch.  not a win here.

Responding with stale data is, arguably, more damaging than failing
to respond at all.

So much so that the SOA expiry field serves to protect us from this
threat.

So, even though Randy is wrong for wanting to catch misconfigurations
by producing incorrect data, I also don't see where Joe is coming from.

If I hosted my domain with someone whose server was answering recursive
queries, I would probably use a lower value for expiry than I normally
would otherwise.

-- 
David W. Hankins		"If you don't do it right the first time,
Software Engineer			you'll just have to do it again."
Internet Systems Consortium, Inc.		-- Jack T. Hankins
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20060113/843c2ce5/attachment.sig>

• Previous message (by thread): AW: Odd policy question.
• Next message (by thread): AW: Odd policy question.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]