On Thu, 11 Sep 2008, [UTF-8] OndÅej Surý wrote: > No. And I don't understand why the burden of open resolvers should > be put on shoulders of attacked DNS operators.
DNS operators aren't generally being attacked, and aren't generally complaining of the burden. Almost no one is complaining of an actual burden. Indeed, the almost total lack of burden is what's most notable for this extreme measure of closing all open recursors. However, if there someday becomes a true burden, the first complaint should go to the DNSSEC vendors/advocates such as Nominet and DNSSEC.NET who are soliciting abuse of open recursors. I don't understand why open recursors should be closed to increase the sales of DNSSEC software---closed to increase the harm from cache poisoning---closed for no reason. The whole thing appears to be a scam to me. --Dean -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop