On 2010-02-24 14:09, Peter Andreev wrote: > 2010/2/24 Alan Clegg <acl...@isc.org <mailto:acl...@isc.org>> > > Peter Andreev wrote: > > > > For example: if user asks for non-existent domain, caching > server > > > replies with some address and no-error rcode. > > > > _Extremely_ bad idea. > > > > > > Yes, I know, but boss is boss and task is task :). > > > > Thank you very much for your answer. > > You might want to talk to your boss about DNSSEC and how it > insures that > "answer modification" is not allowed -- and how it keeps your > customers > safe and secure and is a good selling point (see the Comcast > announcement that was made yesterday). > > AlanC > > Oh, DNSSSEC is another headache. These two tasks doesn't influence > each other. As far as I can tell, they DO: your modified answers will be marked as BOGUS by DNSSEC and will be thrown away.
Niobos
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
