On Wed, Feb 11, 2015 at 05:36:22PM +0100, Petr Spacek wrote: > In other words, I do not think we can prevent people from doing crazy things > just by obscuring format of diagnostics data. I'm sure somebody will try to > parse free-form string 'signature expired 1 week ago' and do some decisions > from that :-)
I wasn't thinking of obscuring anything, just mentioning my one major concern about including diagnostics with SERVFAIL responses: I fear it will be a tempting target for someone to attempt misguided cleverness. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop