Re: InterNIC Name Server is a slave server
Actually I've heard the work on some sort of authenticated or secure DNS
system is doing well. Don't know where you could grab more info on it
though.. That would provide the more secure environment for doing DNS
updates.
----- Original Message -----
From: "Robert Varga" <robi@piros.zold.net>
To: "Chris Wagner" <wagnerc@plebeian.com>
Cc: "t s a d i" <ch4di@yahoo.com>; <debian-isp@lists.debian.org>
Sent: Wednesday, March 08, 2000 11:46 AM
Subject: Re: InterNIC Name Server is a slave server
>
>
> On Tue, 7 Mar 2000, Chris Wagner wrote:
>
> > At 02:20 AM 3/7/00 -0800, t s a d i wrote:
> > >is, is it OK if the DNS server registered on InterNic as authoricative
> > >is not a master but just a slave w/c depends on its data from an
> > >external/different DNS server ?
> >
> > As long as the servers listed by InterNIC give out correct DNS info, it
> > shouldn't matter. You might have some strange behaviour if something
wants
> > an authoritative answer but I doubt it.
> >
>
> You have some mistaken opinion about DNS authority. A slave DNS server is
> an authoritative DNS server. Only cached DNS data is not an authoritative
> source of information.
>
> IMHO best security for DNS services is to get their data from an
> unpublished third DNS server, and publish two slave servers for the
> registrar.
>
> This way neither of the DNS servers can be bombarded with false update
> requests forged to come from the master since the master should be
unknown
> for outsiders. This way the slave DNS data cannot be poisoned.
>
> Robert Varga
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
Reply to: