nanog mailing list archives
Re: comcast ipv6 PTR - DNSSEC
From: Barry Shein <bzs () world std com>
Date: Tue, 15 Oct 2013 14:32:48 -0400
On October 15, 2013 at 03:45 bmanning () vacation karoshi com (bmanning () vacation karoshi com) wrote:
Forward domains and Reverse domains are often managed by different organizations - so if you were a paranoid validator, wanting to check that the name was from the correct place, you'd want to do DNSSEC validation on both the name and the address. Not going to weigh in on the value proposition.
Unless, as is frequently the case, the only test is: NXDOMAIN? Reject, Anything but NXDOMAIN? Accept. -- -Barry Shein The World | bzs () TheWorld com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
Current thread:
- Re: comcast ipv6 PTR, (continued)
- Re: comcast ipv6 PTR Paul Ferguson (Oct 14)
- Re: comcast ipv6 PTR Barry Shein (Oct 14)
- Re: comcast ipv6 PTR John Levine (Oct 14)
- Re: comcast ipv6 PTR Blair Trosper (Oct 14)
- Re: comcast ipv6 PTR Chris Adams (Oct 15)
- Re: comcast ipv6 PTR Brielle Bruns (Oct 15)
- Re: comcast ipv6 PTR Andrew Sullivan (Oct 15)
- Re: comcast ipv6 PTR Barry Shein (Oct 14)
- Re: comcast ipv6 PTR Jimmy Hess (Oct 14)
- Re: comcast ipv6 PTR - DNSSEC bmanning (Oct 14)
- Re: comcast ipv6 PTR - DNSSEC Barry Shein (Oct 15)
- Re: comcast ipv6 PTR Barry Shein (Oct 15)
- Re: comcast ipv6 PTR John Levine (Oct 14)
- Re: comcast ipv6 PTR Barry Shein (Oct 15)
- Re: comcast ipv6 PTR Chris Adams (Oct 15)
- Re: comcast ipv6 PTR Eugen Leitl (Oct 15)
- Re: comcast ipv6 PTR Barry Shein (Oct 15)
- Re: comcast ipv6 PTR Cutler James R (Oct 15)
- Re: comcast ipv6 PTR John R. Levine (Oct 15)
- Re: comcast ipv6 PTR Mark Andrews (Oct 14)
- Re: comcast ipv6 PTR Lee Howard (Oct 15)