[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: axfr-clarify supporting unauthorized users
[ post by non-subscriber. with the massive amount of spam, it is easy to miss
and therefore delete posts by non-subscribers. your subscription address is
54830374684695-namedroppers@sublist.cr.yp.to, please post from it or, if you
wish to regularly post from an address that is not subscribed to this
mailing list, send a message to namedroppers-owner@ops.ietf.org and ask to
have the alternate address added to the list of addresses from which
submissions are automatically accepted. ]
Greg Hudson writes:
> If the connection is closed, there are several explanations: the server
> is djbdns and doesn't have you configured as an authorized secondary,
> the server process crashed and the kernel closed the connection, the
> server is running through a misconfigured inetd or tcpserver.
> I don't think a reasonable implementor can construe a TCP FIN as an
> error message.
By exactly the same silly argument, SERVFAIL isn't an error message.
Maybe the server program ran out of memory; maybe the disk died; maybe
the system administrator removed a crucial configuration file; maybe the
operating system ran out of file descriptors; etc.
> Contrary to what you've said before, making it easier to detect common
> misconfigurations is an important aspect of interoperability.
By that argument, anybody using AXFR is violating ``interoperability,''
because my recommended use of rsync-over-ssh does a vastly better job of
detecting and reporting common misconfigurations.
---D. J. Bernstein, Associate Professor, Department of Mathematics,
Statistics, and Computer Science, University of Illinois at Chicago
--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>