This is a discussion on Re: correction! Re: The math of RFC3833.2.2-spoofing a randomisingsource port resolver - DNS ; bert hubert wrote: > How about just not caching the glue-A? If you receive a referral and try several nameservers, you must keep the glue information, which is called caching. > It is out of bailiwick. As I showed with ...
bert hubert wrote:
> How about just not caching the glue-A?
If you receive a referral and try several nameservers, you must
keep the glue information, which is called caching.
> It is out of bailiwick.
As I showed with MX, under ID guessing attack, "bailiwick" is a
broken concept.
Throw it away.
Masataka Ohta
--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive:
