Modifying a response
Alan Clegg
aclegg at isc.org
Wed Feb 24 12:21:41 UTC 2010
Peter Andreev wrote:
> > For example: if user asks for non-existent domain, caching server
> > replies with some address and no-error rcode.
>
> _Extremely_ bad idea.
>
>
> Yes, I know, but boss is boss and task is task :).
>
> Thank you very much for your answer.
You might want to talk to your boss about DNSSEC and how it insures that
"answer modification" is not allowed -- and how it keeps your customers
safe and secure and is a good selling point (see the Comcast
announcement that was made yesterday).
AlanC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100224/ebdb0711/attachment.bin>
More information about the bind-users
mailing list