Unapproved AXFR?

Bill Manning bmanning at ISI.EDU
Tue Dec 14 17:49:24 UTC 1999


%    %    seen an answer to my question: is there a _technical_ reason to limit
%    %    zone transfers (except for server overload)?
%    % 
%    % If you name machines after users, projects, etc. then zone transfers can
%    % divulge proprietary information.  Most companies have a policy that the
%    % employee directory can't be distributed to outsiders; if the DNS database
%    % is almost equivalent, it makes sense not to distribute it, either.
% 
%    That, like the two reasons I gave, is not a technical justification, it's
%    administrative/policy.  
% 
% All computer security is.  It's a way to use technology to implement
% policy.

	But we are not talking about computer security here, we are
	talking about the DNS for the Internet.  It's a public database
	instantiated on computer hardware. It is reasonable/prudent to
	protect the hardware and applications from tampering. Restricting
	the ability to troubleshoot problems and bring stability to the
	network is counterproductive.
	
--bill


More information about the bind-users mailing list