Re: [DNSOP] Perl related question on BULK RR
Stephane Bortzmeyer <bortzmeyer@nic.fr> Tue, 28 March 2017 16:19 UTC
Return-Path: <bortzmeyer@nic.fr>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id DBF25129449
for <dnsop@ietfa.amsl.com>; Tue, 28 Mar 2017 09:19:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5
tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 22v11NFsPRnu for <dnsop@ietfa.amsl.com>;
Tue, 28 Mar 2017 09:19:18 -0700 (PDT)
Received: from mail.bortzmeyer.org (aetius.bortzmeyer.org [217.70.190.232])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 5F4F8129430
for <dnsop@ietf.org>; Tue, 28 Mar 2017 09:19:18 -0700 (PDT)
Received: by mail.bortzmeyer.org (Postfix, from userid 10)
id EF86431C7D; Tue, 28 Mar 2017 18:19:16 +0200 (CEST)
Received: by godin (Postfix, from userid 1000)
id BAE9EEC0AFC; Tue, 28 Mar 2017 18:16:30 +0200 (CEST)
Date: Tue, 28 Mar 2017 11:16:30 -0500
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Tony Finch <dot@dotat.at>
Cc: "Woodworth, John R" <John.Woodworth@CenturyLink.com>,
"'dnsop@ietf.org'" <dnsop@ietf.org>
Message-ID: <20170328161630.GB24741@laperouse.bortzmeyer.org>
References: <A05B583C828C614EBAD1DA920D92866BD0716932@PODCWMBXEX501.ctl.intranet>
<alpine.DEB.2.11.1703281107300.13590@grey.csi.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <alpine.DEB.2.11.1703281107300.13590@grey.csi.cam.ac.uk>
X-Transport: UUCP rules
X-Operating-System: Ubuntu 16.04 (xenial)
X-Charlie: Je suis Charlie
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/VR9tU1IF-qmH_pnhOfBX6qfiyqo>
Subject: Re: [DNSOP] Perl related question on BULK RR
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>,
<mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>,
<mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Mar 2017 16:19:20 -0000
On Tue, Mar 28, 2017 at 11:19:10AM +0100, Tony Finch <dot@dotat.at> wrote a message of 33 lines which said: > So my question is, how does the BULK rewriting system interact with DNS > loops? Is there a CPU-eating tarpit in there? Also, I find that the Security Considerations section of draft-woodworth-bulk-rr-05.txt is empty about the risk for authoritative secondary servers. Once you enable BULK, you are at the mercy of your master. (My registrar provides free secondary DNS service. Their server hosts thousands of zones they do not manage or control. I don't think they would be happy to enable BULK.) Advice: * a sub-section of Security Considerations section about this risk, * suggestions that there SHOULD be a way to disable BULK processing (or may be the opposite, make if off by default).
- [DNSOP] Perl related question on BULK RR Woodworth, John R
- Re: [DNSOP] Perl related question on BULK RR Tony Finch
- Re: [DNSOP] Perl related question on BULK RR Stephane Bortzmeyer
- Re: [DNSOP] Perl related question on BULK RR Woodworth, John R
- Re: [DNSOP] Perl related question on BULK RR John Levine
- Re: [DNSOP] Perl related question on BULK RR Woodworth, John R