On Sat, Jul 26, 2008 at 05:47:54PM -0400, Sean Donelan wrote: > On Sat, 26 Jul 2008, [EMAIL PROTECTED] wrote: > > there you go. the massive effort to patch would likley have > > better been spent to actually -sign- the stupid zones and > > work out key distribution. but no... running around like > > the proverbial headless chicken seems to get the PR. > > Maybe someone could publish a blacklist of vulnerable recursive > name servers, and then F-Root, the other root name servers, > and other "popular" sites could start refusing to answer queries > from vunerable name servers until after the blacklist operator decides > they've patched their recursive server sufficiently? > > Maybe that would get their attention and encourage them to apply > resources to the problem? > > Extreme situations justify extreme measures; or how extreme do > you believe justifies what measures?
Knock yourself out Sean. --bill