Don't kid yourself. This is wishing for a security outcome which will
never reach fruition because of asymmetric interests and capabilities.
On Sun, 6 Nov 2022, Grant Taylor via bind-users wrote:
[...]
I find that $CLIENTNAME or some other stand in for the client is a potential
for information lek.
The PUBLIC DNS is not secure against eavesdropping or parallel
construction and never will be. Just like the destruction of whois (never
was a good tool) doesn't prevent reconstruction of people's networks.
People like me get paid a lot of money to see that this is so, and at
least in some cases I remain convinced it's a good enough idea I don't
care what people think about it. I even offer software to accomplish this
for free on the internet; I even leverage features of e.g. BIND to do
this.
I can make arguments for being generic, or provider centric, or customer
centric; I can also make arguments for outright lying. Hey, choose your
own adventure; other people will judge you accordingly.
--
Fred Morris, internet plumber
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
