[ietf-dkim] FW: draft-hallambaker-xptr-00
Douglas Otis
dotis at mail-abuse.org
Fri Jun 29 16:50:06 PDT 2007
On Jun 29, 2007, at 11:12 AM, Hallam-Baker, Phillip wrote:
>
> I just submitted the attached as a personal Internet draft. It
> describes the use of the XPTR record to provide generalized
> discovery of wildcarded prefix records.

It seems that you should have included RFC 4592 as an informational
reference. This reference provides more illustrative examples of
when wildcard synthesis is blocked when considering XPTR deployment.

The alternative to XPTR could be consistent use of discovery
records. This might be either SRV or MX records, for example. Valid
non-existence could then be established in one fewer query without
wildcards or causing zones to expand.

Wildcards might also aid those attempting to stage some type of
DNS-based DDoS attack, which is fairly common. A wildcard permits
queries for RRs having the largest possible label and never answered
from cache. Add to that a scheme that even makes three additional
queries based upon the initial query, and things get fairly depressing.

-Doug