Re: [DNSOP] DNS terminology: "Passive DNS"

Stephane Bortzmeyer <bortzmeyer@nic.fr> Wed, 18 March 2015 16:07 UTC

Return-Path: <bortzmeyer@nic.fr>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 426561A0027 for <dnsop@ietfa.amsl.com>; Wed, 18 Mar 2015 09:07:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.56
X-Spam-Level:
X-Spam-Status: No, score=-1.56 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_FR=0.35, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qvy-hrNZLmhD for <dnsop@ietfa.amsl.com>; Wed, 18 Mar 2015 09:07:12 -0700 (PDT)
Received: from mx4.nic.fr (mx4.nic.fr [IPv6:2001:67c:2218:2::4:12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B44C01A1EF6 for <dnsop@ietf.org>; Wed, 18 Mar 2015 09:07:09 -0700 (PDT)
Received: from mx4.nic.fr (localhost [127.0.0.1]) by mx4.nic.fr (Postfix) with SMTP id 44A232802A5; Wed, 18 Mar 2015 17:07:08 +0100 (CET)
Received: from relay1.nic.fr (relay1.nic.fr [192.134.4.162]) by mx4.nic.fr (Postfix) with ESMTP id 3FEF82800D4; Wed, 18 Mar 2015 17:07:08 +0100 (CET)
Received: from bortzmeyer.nic.fr (unknown [IPv6:2001:67c:1348:7::86:133]) by relay1.nic.fr (Postfix) with ESMTP id 349474C0053; Wed, 18 Mar 2015 17:06:38 +0100 (CET)
Date: Wed, 18 Mar 2015 17:06:38 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Robert Edmonds <edmonds@mycre.ws>
Message-ID: <20150318160638.GA23210@nic.fr>
References: <20150318025644.GA10290@mycre.ws>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20150318025644.GA10290@mycre.ws>
X-Operating-System: Debian GNU/Linux 8.0
X-Kernel: Linux 3.16.0-4-686-pae i686
X-Charlie: Je suis Charlie
Organization: NIC France
X-URL: http://www.nic.fr/
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/3NLNNGmhYffCDLOAqhqVkBgUzxA>
Cc: dnsop@ietf.org
Subject: Re: [DNSOP] DNS terminology: "Passive DNS"
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Mar 2015 16:07:14 -0000

On Tue, Mar 17, 2015 at 10:56:44PM -0400,
 Robert Edmonds <edmonds@mycre.ws> wrote 
 a message of 34 lines which said:

>    Passive DNS Replication -- A mechanism to collect and store resource
>    records by observing responses, usually those sent by authoritative
>    servers. Passive DNS databases can be used to recover DNS records
>    which were served in the past, and may allow certain kinds of
>    "inverse" searches of the stored records. Sometimes shortened to
>    "passive DNS".

My contribution to the painting of the bikeshed: I would drop "usually
those sent by authoritative servers" because the responses can be sent
by servers which are not authoritative for this specific zone (that's
why DNSDB indicates the bailiwick of the response).