[RFCI-Discuss] Interesting Question

Alex van den Bogaerdt alex at ergens.op.het.net
Sun Dec 4 17:25:21 EST 2005


On Sun, Dec 04, 2005 at 02:12:07PM -0800, Derek J. Balling wrote:
> 
> On Dec 4, 2005, at 2:02 PM, Alex van den Bogaerdt wrote:
> >I'm not sure if this is correct or not.  The answer you got is not
> >authoritative.  That is correct, as the name server records are
> >a property of its child zone.  It's only the missing authority
> >that bites you.  The server does have knowledge on the RR you
> >queried it for, and did try to help you by presenting it to you.
> 
> Right, although *technically* I should be ignoring those answers (at  
> least ... I *think* I should be) in chasing down an authoritative  
> answer. To do otherwise is to open myself up to DNS poisoning style  
> exploits, no?

Well... you didn't ask for authority, you asked for name servers.
And those servers do know the answer so you get what you ask for.

I don't pretend to know everything about DNS servers; however, I do
know that NS records belong to the top of the zone.  As such, the
gtld-servers cannot give authoritative answers for anything they
delegated to others (such as yahoo.com.).

NS records at the bottom of the zone exist only for glue. Chances
are the servers should not provide these records as answers but I
am not sure that is indeed true.

cheers
Alex, not Theo
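
Added example, not part of the original message: a minimal Python check of the distinction discussed in this thread, reading the AA (authoritative answer) bit and the section counts of a DNS response to tell a parent-side referral or non-authoritative NS answer from the child zone's authoritative one. The zone and name server names, the TTL and the three sample messages are constructed for illustration.

```python
import struct

AA_BIT, TYPE_NS = 0x0400, 2  # AA flag in header word 2; NS record type (RFC 1035)

def encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def build_response(qname, aa, answer_ns=(), authority_ns=()):
    """Constructed, uncompressed response to an NS query (sample data only)."""
    flags = 0x8000 | (AA_BIT if aa else 0)  # QR=1, AA as requested
    msg = struct.pack("!6H", 0x1234, flags, 1, len(answer_ns), len(authority_ns), 0)
    msg += encode_name(qname) + struct.pack("!2H", TYPE_NS, 1)
    for target in (*answer_ns, *authority_ns):
        rdata = encode_name(target)
        msg += encode_name(qname) + struct.pack("!2HIH", TYPE_NS, 1, 172800, len(rdata)) + rdata
    return msg

def skip_name(msg, off):
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:  # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + n
        if n == 0:
            return off

def section_types(msg):
    """Return (aa, answer_types, authority_types) for a DNS response."""
    _id, flags, qd, an, ns, _ar = struct.unpack("!6H", msg[:12])
    types, off = [], 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # QTYPE + QCLASS
    for _ in range(an + ns):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
        types.append(rtype)
        off += 10 + rdlen
    return bool(flags & AA_BIT), types[:an], types[an:]

def classify(msg):
    aa, answer, authority = section_types(msg)
    if answer:
        return "authoritative answer" if aa else "non-authoritative answer"
    return "referral" if not aa and TYPE_NS in authority else "other"

NS = ("ns1.example.net", "ns2.example.net")  # constructed names
PARENT_REFERRAL = build_response("example.com", False, authority_ns=NS)
PARENT_ANSWER = build_response("example.com", False, answer_ns=NS)
CHILD_ANSWER = build_response("example.com", True, answer_ns=NS)
```

A resolver chasing an authoritative answer would follow the first two kinds of response to the listed servers and accept only the third as final.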

