ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [secdir] secdir review of draft-ietf-dnsop-reflectors-are-evil-04.txt

2007-10-02 00:57:44
from [Danny McPherson] [Permanent Link] 

On Oct 2, 2007, at 1:41 AM, Mark Andrews wrote:


        Someone should talk to ucdavis.edu and get this idiocy pulled.


And NIST, and many many others..


        Because there are lots of recursive and authoritative
        nameservers out there behind firewalls that get it right.

        I've seen many more complaints about UDP packets > 512 bytes
        being blocked than complaints about fallback to TCP failing.

        Most people actually do the right thing without thinking
        about it.  The allow TCP out to anything this includes DNS
        servers.

        Most allow both UDP and TCP in to their nameservers.  This
        is the silent majority.


Again, any pointers empirical data along these lines would
be appreciated.

-danny

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [secdir] secdir review of draft-ietf-dnsop-reflectors-are-evil-04.txt, Mark Andrews
Next by Date:  Re: [secdir] secdir review of draft-ietf-dnsop-reflectors-are-evil-04.txt, Mark Andrews
Previous by Thread:  Re: [secdir] secdir review of draft-ietf-dnsop-reflectors-are-evil-04.txt, Mark Andrews
Next by Thread:  Re: [secdir] secdir review of draft-ietf-dnsop-reflectors-are-evil-04.txt, John Kristoff
Indexes:  [Date] [Thread] [Top] [All Lists]