[bind10-dev] should b10-auth return CNAME chain?
marka at isc.org
Tue Jan 25 02:14:09 UTC 2011
I've seen sites configure their nameservers to serve "com" or "."
instead of all the zones they are actually delegated. Preventing
these servers doing accidental harm is a good thing. Just because
the CNAME in the zone file is in baliwick that doesn't mean the
target is still in baliwick once the actual delegtions are taken
There are a lot of servers out there that do follow the CNAME chains
in the responses even though it is not a good idea to do so.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind10-dev