bert hubert wrote:

> How about just not caching the glue-A?


If you receive a referral and try several nameservers, you must
keep the glue information, which is called caching.

> It is out of bailiwick.


As I showed with MX, under ID guessing attack, "bailiwick" is a
broken concept.

Throw it away.

Masataka Ohta


--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: