adulau/pdns-qof
1
0
Fork 0
mirror of https://github.com/adulau/pdns-qof.git synced 2024-05-20 10:52:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

chg: [I-D] regeneratd

Browse source
This commit is contained in:
Alexandre Dulaunoy 2024-05-09 11:36:07 +02:00
parent 8f3b8cf443
commit 7863b019e8
Signed by: adulau
GPG key ID: 09E2CD4944E6CBCD
2 changed files with 14 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

BIN
i-d/pdns-qof.pdf
View file

Binary file not shown.

28
i-d/pdns-qof.txt
View file

@ -160,8 +160,8 @@ Internet-Draft Passive DNS - Common Output Format April 2024
DNS Database from cache poisoning attacks [CACHEPOISONING]. Another
limitation that clients querying the database need to be aware of is
that each query simply gets a snapshot-in-time answer at the time of
querying. Clients MUST NOT rely on consistent [what does
"consistent" mean in this context? Coherent?] answers. Nor should
querying. Clients MUST NOT rely on existing answers from different
Passive DNS database. Nor should they assume that answers will be
@ -170,8 +170,7 @@ Dulaunoy, et al. Expires 29 October 2024 [Page 3]
Internet-Draft Passive DNS - Common Output Format April 2024
they assume that answers will be identical across multiple Passive
DNS Servers.
identical across multiple Passive DNS Servers.
3. Common Output Format
@ -221,6 +220,7 @@ Internet-Draft Passive DNS - Common Output Format April 2024
Dulaunoy, et al. Expires 29 October 2024 [Page 4]
Internet-Draft Passive DNS - Common Output Format April 2024
@ -451,16 +451,15 @@ Internet-Draft Passive DNS - Common Output Format April 2024
Servers are able to find out much about the actual person querying
the DNS records nor who actually sent the query [is the "person"
querying the DNS records not the same as the "who" actually sent the
query?]. In this sense, passive DNS Servers are similar to keeping
an archive of all previous phone books - if public DNS records can be
compared to phone numbers - as they often are. Nevertheless, the
authors strongly encourage Passive DNS implementors to take special
care of privacy issues. bortzmeyer-dnsop-dns-privacy is an excellent
starting point for this. Finally, the overall recommendations in
RFC6973 [RFC6973] should be taken into consideration when designing
any application which uses Passive DNS data.
the DNS records. In this sense, passive DNS Servers are similar to
keeping an archive of all previous phone books - if public DNS
records can be compared to phone numbers - as they often are.
Nevertheless, the authors strongly encourage Passive DNS implementors
to take special care of privacy issues. bortzmeyer-dnsop-dns-privacy
is an excellent starting point for this. Finally, the overall
recommendations in RFC6973 [RFC6973] should be taken into
consideration when designing any application which uses Passive DNS
data.
In the scope of the General Data Protection Regulation (GDPR -
Directive 95/46/EC), operators of Passive DNS Server needs to ensure
@ -501,6 +500,7 @@ Internet-Draft Passive DNS - Common Output Format April 2024
Dulaunoy, et al. Expires 29 October 2024 [Page 9]
Internet-Draft Passive DNS - Common Output Format April 2024