FreeBSD violates RFC2870 [was: Re: Problems with named default
configuration in 6-STABLE]
Tom Evans
tevans.uk at googlemail.com
Tue Jul 17 11:36:09 UTC 2007
On Tue, 2007-07-17 at 13:08 +0200, Heiko Wundram (Beenic) wrote:
> On Tuesday 17 July 2007 12:47:50 Volker wrote:
> > I've googled a bit. RFC 2870 says:
> >
> > 2.7 Root servers SHOULD NOT answer AXFR, or other zone transfer,
> > queries from clients other than other root servers. This
> > restriction is intended to, among other things, prevent
> > unnecessary load on the root servers as advice has been heard
> > such as "To avoid having a corruptible cache, make your server a
> > stealth secondary for the root zone." The root servers MAY put
> > the root zone up for ftp or other access on one or more less
> > critical servers.
>
> Read up on:
>
> http://www.ietf.org/rfc/rfc2119.txt
>
> which specifically says that "should not" means "recommended not to", but not
> explicitly forbidden. So, this behaviour is not in violation of RFC2870, just
> discouraged by it. If the (respective) roots offer it, perfect.
>
Relying on a "SHOULD NOT" being ignored is a Bad Thing.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20070717/f3a4b32f/attachment.pgp
More information about the freebsd-stable
mailing list