Andreas Gustafsson writes:
> D. J. Bernstein writes:
> > Fact: Slaves _must_ discard records in some situations.
> This claim has no basis in the standards.

Anti-poisoning rules are required for security. I'm not going to bother
addressing the irrelevant question of whether the de-facto standards in
DNS security can be deduced from the de-jure standards.

You have some anti-poisoning rules in BIND 9 (and BIND 8). We all know
that they're necessary: some records have to be discarded. Consequently,
any claim such as ``all records must be preserved'' is obviously wrong.
When religious rhetoric crashes into security, we all know who wins.

Yes or no: Does the specific attack described on my web page work
against BIND 9? I'll give you three days to issue a security release
before I send a message to bugtraq. Or are you using the defense stated
on my web page, discarding records on the client side of an AXFR?

> where the ISP is the *master* for the domains

Different situation, but same solution: discard all records outside the
source's bailiwick. End of problem.

> more discriminate anti-spoofing rules

Namely? Exactly what would you suggest in place of the de-facto-standard
bailiwick rule? (You realize, of course, that deploying a new rule would
take time.)

---D. J. Bernstein, Associate Professor, Department of Mathematics,
Statistics, and Computer Science, University of Illinois at Chicago
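The defense the message names, "discard all records outside the source's bailiwick", applied on the client side of an AXFR, is easy to state but has edge cases worth seeing in code: name comparison must be case-insensitive and label-based (so `notexample.com` is not treated as inside `example.com`), and delegation glue for a child zone stays inside the bailiwick because its owner names sit below the apex. The following is an added illustration written for this page; it is not code from djbdns, BIND, or the thread, and the record tuples, the `SAMPLE_AXFR` data and the function names are constructed for the example.

```python
"""
Client-side bailiwick filter for zone-transfer (AXFR) data.

Added illustration, not code from djbdns, BIND or the mailing-list post.
Rule demonstrated: a slave that pulls a zone from a master keeps only the
records whose owner name is the zone apex or a name below it; everything
else is discarded before it can be loaded or served. No network I/O;
records are plain (owner, type, rdata) tuples constructed for the example.
"""

from typing import Iterable, List, Tuple

Record = Tuple[str, str, str]  # (owner name, RR type, rdata text) - constructed format


def canonical(name: str) -> str:
    """Lower-case the name, drop empty labels, and add one trailing dot."""
    labels = [label for label in name.strip().lower().split(".") if label]
    return ".".join(labels) + "."


def in_bailiwick(owner: str, zone: str) -> bool:
    """True if owner equals the zone apex or lies strictly below it.

    The comparison is on whole labels: "notexample.com." is NOT below
    "example.com." even though it ends with the same characters.
    """
    o, z = canonical(owner), canonical(zone)
    if z == ".":
        return True  # the root bailiwick covers every name
    return o == z or o.endswith("." + z)


def filter_transfer(records: Iterable[Record], zone: str) -> Tuple[List[Record], List[Record]]:
    """Split transferred records into (kept, dropped) by the bailiwick rule."""
    kept: List[Record] = []
    dropped: List[Record] = []
    for rec in records:
        (kept if in_bailiwick(rec[0], zone) else dropped).append(rec)
    return kept, dropped


# Constructed sample AXFR payload for the zone example.com, as a slave might
# receive it from a master that also controls (or has been tricked into
# including) records for other names.
SAMPLE_AXFR: List[Record] = [
    ("example.com.", "SOA", "ns1.example.com. hostmaster.example.com. 1 3600 900 604800 300"),
    ("example.com.", "NS", "ns1.example.com."),
    ("ns1.example.com.", "A", "192.0.2.1"),
    ("WWW.Example.COM", "A", "192.0.2.10"),            # mixed case, no trailing dot
    ("sub.example.com.", "NS", "ns.sub.example.com."),  # delegation of a child zone
    ("ns.sub.example.com.", "A", "192.0.2.20"),         # glue: below the apex, kept
    ("www.victim.example.", "A", "203.0.113.9"),        # foreign owner name: dropped
    ("notexample.com.", "A", "203.0.113.10"),           # suffix look-alike: dropped
]


def run_example() -> Tuple[int, int]:
    """Apply the filter to the sample transfer; returns (kept, dropped) counts."""
    kept, dropped = filter_transfer(SAMPLE_AXFR, "example.com")
    for owner, rtype, rdata in dropped:
        print(f"discarded out-of-bailiwick record: {owner} {rtype} {rdata}")
    return len(kept), len(dropped)


if __name__ == "__main__":
    print(run_example())
```

The filter keys on the owner name only; rdata such as an NS target outside the zone is left alone, since a resolver following that NS will apply its own bailiwick check to whatever that server answers.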