Possible fix for Kaminsky's bug
Paul Vixie
vixie at isc.org
Tue Sep 23 15:54:12 UTC 2008
"L. Gabriel Somlo" <gsomlo at gmail.com> writes:
> OK, how about this new patch ? At the option of the resolver's admin,
> ns records of equal authority will not overwrite valid cached ones.
> ...
what about the cname and dname variants, the mx glue variant, and the
other variants we don't feel confident that we can enumerate all of?
and what about the people who can change their apex ns rrsets easily
and so keep them accurate, but who can't change their parent delegation
ns rrsets easily and so let them rot somewhat?
the place for this discussion is namedroppers at ops.ietf.org, not bind-users at .
--
Paul Vixie
More information about the bind-users
mailing list