[Unbound-users] unbound 1.4.6 released

Peter Koch pk at DENIC.DE
Wed Aug 4 11:58:35 UTC 2010


On Wed, Aug 04, 2010 at 11:23:48AM +0200, Marco Davids (SIDN) wrote:

> That argument, even though it makes sense, seems somewhat inconsistent
> with an earlier decision to implement draft-vixie-dnsext-dns0x20-00 in

these two don't compare too well IMHO.  First, the only issue in 0x20
that needed(?) standardization was the advice that the QNAME be copied
to the response bitwise (no casefolding involved). Whether or not
that constituted a change people have varying opinions about.
The hack itself is pretty much client side and it was fully described
in the I-D (still I'm not too happy to see this defaulted to from an
operational perspective).

> one was was happy that you implemented it as an option. I suppose I
> could be equally happy with fiddling around with DNScurve a bit. A

That would indeed be interesting, but DNScurve isn't as complete and
stable as 0x20 possible could be.  I appreciate resolver implementers
being conservative about implementing moving targets. Resolvers, if
widely deployed, cause swarm effects on the infrastructure and some
caution is due.

-Peter



More information about the Unbound-users mailing list