Andreas Gustafsson writes:
> D. J. Bernstein writes:
> > Fact: Slaves _must_ discard records in some situations.
> This claim has no basis in the standards.

Anti-poisoning rules are required for security. I'm not going to bother addressing the irrelevant question of whether the de-facto standards in DNS security can be deduced from the de-jure standards.

You have some anti-poisoning rules in BIND 9 (and BIND 8). We all know that they're necessary: some records have to be discarded. Consequently, any claim such as ``all records must be preserved'' is obviously wrong. When religious rhetoric crashes into security, we all know who wins.

Yes or no: Does the specific attack described on my web page work against BIND 9? I'll give you three days to issue a security release before I send a message to bugtraq. Or are you using the defense stated on my web page, discarding records on the client side of an AXFR?

> where the ISP is the *master* for the domains

Different situation, but same solution: discard all records outside the source's bailiwick. End of problem.

> more discriminate anti-spoofing rules

Namely? Exactly what would you suggest in place of the de-facto-standard bailiwick rule? (You realize, of course, that deploying a new rule would take time.)

---D. J. Bernstein, Associate Professor, Department of Mathematics, Statistics, and Computer Science, University of Illinois at Chicago
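The client-side defense the message refers to, discarding records received over an AXFR whose owner name lies outside the source's bailiwick, as an added illustration that is not code from the post or from any DNS implementation. The zone name, the record tuples and the `in_bailiwick`/`filter_transfer` helpers are all constructed here; the comparison is done label by label so that a name like evilexample.com is not mistaken for something under example.com.

```python
# Added example (not from the mailing-list post): a client-side bailiwick
# filter for records received over a zone transfer. The zone name, the
# helper names and the sample records below are constructed for illustration.

def _labels(name):
    """Split a DNS name into lowercase labels, ignoring a trailing dot."""
    return [l for l in name.rstrip(".").lower().split(".") if l]

def in_bailiwick(owner, zone):
    """True if `owner` is the zone apex or lies beneath it.

    Compared label by label, so "evilexample.com" is NOT treated as inside
    "example.com" (a plain string-suffix test would wrongly accept it).
    The root zone ("." or "") contains every name.
    """
    o, z = _labels(owner), _labels(zone)
    return len(o) >= len(z) and (not z or o[-len(z):] == z)

def filter_transfer(records, zone):
    """Keep only records whose owner name is inside `zone`'s bailiwick.

    `records` is an iterable of (owner, rtype, rdata) tuples as a slave might
    collect them from an AXFR of `zone`. Returns (kept, discarded); the
    caller logs the discarded list rather than loading it into the zone.
    """
    kept, discarded = [], []
    for rec in records:
        (kept if in_bailiwick(rec[0], zone) else discarded).append(rec)
    return kept, discarded

# Constructed sample: a transfer of example.com that also carries records
# for names the source is not authoritative for. Those must be dropped.
SAMPLE_RECORDS = [
    ("example.com.", "SOA", "ns1.example.com. hostmaster.example.com. 1"),
    ("example.com.", "NS", "ns1.example.com."),
    ("ns1.example.com.", "A", "192.0.2.1"),
    ("www.EXAMPLE.com", "A", "192.0.2.10"),      # case differs, still ours
    ("www.other.test.", "A", "203.0.113.5"),     # outside the zone
    ("evilexample.com.", "A", "203.0.113.6"),    # suffix-collision trap
    (".", "NS", "a.root-servers.net."),          # root apex: never ours
]

if __name__ == "__main__":
    kept, dropped = filter_transfer(SAMPLE_RECORDS, "example.com")
    for rec in dropped:
        print("discarded out-of-bailiwick record:", rec)
```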