Authoritative Server - Referrals to root
Mark Andrews
Mark_Andrews at isc.org
Fri Apr 8 02:03:48 UTC 2005
> For security reasons we should not be serving authoritative data if the
> end user does not want it/approve of it. This above domain was one
> example - but it happens quite often on others. A customers dns will
> expire / be terminated / or whatever else and unless they are current
> customers we should not be serving anything for them. Serving
> authoritative data for a customers zone without their permission could
> lead to legal problems (sitefinder revisited).
As long as the customer still has the delegation pointing
to you there is nothing wrong with serving the minimal zone.
By NOT serving the zone that is delegated to you you are
causing operational problems for yourserlf and every client
that looks up the zone.
If you were being vindictive with the answers (like returning
the addresses of a compeditor of your old customer) you would
most probably have a problem. By serving a empty zone you are
performing harm minimization.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list