This is a discussion on Re: Agile countermeasures - DNS ; On Sat, Aug 23, 2008 at 03:18:04PM +0000, Paul Vixie wrote: > think the WG should seriously investigate, and prefer, non-modal proposals. > if in the end we can't find a solution that doesn't involve adding IDS to > DNS, ...
On Sat, Aug 23, 2008 at 03:18:04PM +0000, Paul Vixie wrote:
> think the WG should seriously investigate, and prefer, non-modal proposals.
> if in the end we can't find a solution that doesn't involve adding IDS to
> DNS, then so be it. but the main thrust of our effort should be non-modal.
If we can find such a solution, it would be wonderful.
I've been working on a paranoid rrset acceptance mode today, perhaps it will
prove possible to fine-tune it such that it won't hurt (too much) and can be
left on all the time.
At the expense of some extra queries perhaps.
Bert
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive:
