[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: in support of axfr-clarify

To: "D. J. Bernstein" <djb@cr.yp.to>
Subject: Re: in support of axfr-clarify
From: Mark.Andrews@isc.org
Date: Fri, 29 Nov 2002 08:22:10 +1100
Cc: namedroppers@ops.ietf.org
In-reply-to: Your message of "28 Nov 2002 10:21:07 -0000." <20021128102107.75560.qmail@cr.yp.to>

> [ post by non-subscriber.  with the massive amount of spam, it is easy to
>   miss and therefore delete mis-posts.  your subscription address is
>   54830374684695-namedroppers@sublist.cr.yp.to, please post from it or
>   fix subscription your subscription address! ]
> 
> Mark.Andrews@isc.org writes:
> > This is why you MUST preserve zone contents with AXFR.
> 
> No. If a screwy configuration causes problems with the deployed AXFR
> protocol, the solution is to outlaw the configuration, not to demand
> that the entire universe deploy new software.

	There is nothing "screwy" about that configuration.  It and
	others like it happen all the time in large organisations.
	Can't you see that any implementation that CHANGES the
	contents of a zone and then transfers it is BROKEN.  The
	purpose of AXFR it to transfer the zone unaltered between
	server.  If the server doesn't maintain the zone it is no
	longer transfering the zone.

	BIND 4 and BIND 8 AXFR implementations have ALWAYS been
	broken as they change the replace parts of the zones contents
	silently.

> Is interoperability such a difficult concept to grasp? If you want a new
> protocol, use a new query type. Using the existing AXFR type is clearly
> malicious: you're trying to hurt other implementors and users.

	The server behaviour was under specified.  Common sense
	says that you have to maintain the zone contents if you are
	going to be part of a zone transfer graph.  Clarifications
	are EXPECTED to correct mis-implementations.  We mis-implemented
	AXFR for years (and still do in BIND 4 and BIND 8).

	Mark

> ---D. J. Bernstein, Associate Professor, Department of Mathematics,
> Statistics, and Computer Science, University of Illinois at Chicago
> 
> 
> 
> --
> to unsubscribe send a message to namedroppers-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://ops.ietf.org/lists/namedroppers/>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews@isc.org

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

Follow-Ups:
- how to deploy new zone-transfer protocols
  - From: "D. J. Bernstein" <djb@cr.yp.to>

References:
- Re: in support of axfr-clarify
  - From: "D. J. Bernstein" <djb@cr.yp.to>

Prev by Date: Re: namedroppers mismanagement, continued
Next by Date: Re: in support of axfr-clarify
Previous by thread: Re: in support of axfr-clarify
Next by thread: how to deploy new zone-transfer protocols
Index(es):
- Date
- Thread