On 21/11/2022 17:26, Petr Špaček wrote:
Speaking of default CHAOS zones, I have another idea:
Do we need them after NSID was standardized?
Yes.
There is a lot of special code just for built-in CH zones, and IIRC
we have had at least one CVE which affected default config only
because of
folks (especially BIND developers),
Apologies if this has been discussed and answered before. I just
noticed that BIND doesn't respond to CH/TXT/VERSION.SERVER queries. It
only responds to ID.SERVER.
Other name servers, such as Knot DNS, NSD, Verisign's ATLAS name
server, Quad9's
I just noticed that
> BIND doesn't respond to CH/TXT/VERSION.SERVER queries. It only responds to
> ID.SERVER.
>
> Other name servers, such as Knot DNS, NSD, Verisign's ATLAS name server,
> Quad9's and Cloudflare's public resolvers, respond to VERSION.SERVER queries.
>
> So what'
Hi folks (especially BIND developers),
Apologies if this has been discussed and answered before. I just noticed
that BIND doesn't respond to CH/TXT/VERSION.SERVER queries. It only
responds to ID.SERVER.
Other name servers, such as Knot DNS, NSD, Verisign's ATLAS name server,
Quad9's
4 matches
Mail list logo
