[RPZ] Promoting RPZ: feedback request
Fred Morris
m3047 at m3047.net
Fri Jun 28 18:29:58 UTC 2013
I've been involved in politics enough to be somewhat of a connoisseur of
lying, and based on that to remark that there are probably as many
different words for "lying" as the Eskimos have for snow...
On Fri, 28 Jun
2013, Vernon Schryver wrote: > > From: Fred Morris <m3047 at m3047.net>
> > BIND really doesn't lie, it tells you exactly what's going on, just look
> > at the SOA in the Authority section:
>
> I agree with critics of RPZ who complain that the results of response
> policy rewrites are DNS lies. I think they are open and above board
> lies, because of that SOA.
If I follow your logic, then it seems to me that you're suggesting that
NAT is a lie... and a far more serious one because most firewalls will
actively resist attempts to learn the truth.
--
Fred
More information about the DNSfirewalls
mailing list