nanog mailing list archives
Re: VeriSign SMTP reject server updated
From: "Eric A. Hall" <ehall () ehsco com>
Date: Sun, 21 Sep 2003 11:28:09 -0500
on 9/21/2003 11:19 AM E.B. Dreger wrote:
Return NOERROR for one type of RR, but NXDOMAIN for another? Is that valid?! Hit me with a clue-by-four if appropriate, but I thought NOERROR/NXDOMAIN was returned per-host, regardless of RRTYPE requested. Giving NXDOMAIN for MX yet returning NOERROR for A RRs doesn't sound kosher.
It's not valid and it won't work very well if it works at all. Your local cache will use whatever it learned on the last query. This is the seed for another problem set with the various workarounds as well, although I'm still thinking these through. Different servers that provide different kinds of glue could theoretically trip your cache. At this point, I think we're on the verge of having multiple (different) namespaces, which is extremely dangerous. At the same time, the arguments against multiple roots are pretty much going out the window. To be clear, however, I don't think the workarounds are the problem. I think VeriSign has broken DNS by conflating error codes. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
Current thread:
- Re: When is Verisign's registry contract up for renewal, (continued)
- Re: When is Verisign's registry contract up for renewal Jared Mauch (Sep 21)
- Re: When is Verisign's registry contract up for renewal Brian Bruns (Sep 20)
- Re: When is Verisign's registry contract up for renewal Robert Blayzor (Sep 20)
- Re: VeriSign SMTP reject server updated Eric A. Hall (Sep 20)
- Re: VeriSign SMTP reject server updated Eric A. Hall (Sep 20)
- Re: VeriSign SMTP reject server updated Owen DeLong (Sep 20)
- Re: VeriSign SMTP reject server updated Stephen J. Wilcox (Sep 21)
- Re: VeriSign SMTP reject server updated Daniel Roesen (Sep 21)
- Re: VeriSign SMTP reject server updated Stephen J. Wilcox (Sep 21)
- Re: VeriSign SMTP reject server updated E.B. Dreger (Sep 21)
- Re: VeriSign SMTP reject server updated Eric A. Hall (Sep 21)
- Re: VeriSign SMTP reject server updated Stephen J. Wilcox (Sep 21)
- Re: VeriSign SMTP reject server updated Eric A. Hall (Sep 21)
- Re: VeriSign SMTP reject server updated David Lesher (Sep 25)
- Re: VeriSign SMTP reject server updated Gerald (Sep 25)
- Re: VeriSign SMTP reject server updated Avleen Vig (Sep 20)
- Re: VeriSign SMTP reject server updated jlewis (Sep 21)
- Re: VeriSign SMTP reject server updated Matthew S. Hallacy (Sep 21)
- RE: VeriSign SMTP reject server updated Eric Germann (Sep 21)