<html><head>
<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type">
</head><body bgcolor="#FFFFFF" text="#000000"><br>
<br>
<a class="moz-txt-link-abbreviated" href="mailto:WBrown@e1b.org">WBrown@e1b.org</a> wrote:
<pre wrap="">
</pre>
<blockquote
cite="mid:OFBB1E7A85.1AA6D15F-ON85257B50.00440705-85257B50.0044D0DC@e1b.org"
type="cite">
<blockquote type="cite"><pre wrap="">... Especially as the implementations still differ yet are interoperable.
</pre></blockquote>
<pre wrap=""><!---->
Isn't the interoperability due to the fact that RRL only interacts with
DNS clients, not other authoritative name servers. ...</pre>
</blockquote>
<br>
that's my view of the def'n of "interoperability" as it applies here.<br>
<br>
<blockquote
cite="mid:OFBB1E7A85.1AA6D15F-ON85257B50.00440705-85257B50.0044D0DC@e1b.org"
type="cite">
<pre wrap="">... In that case, is there
really a need for all versions to work exactly the same? Shouldn't a
DNS server be able to protect itself in any manner the authors feel works
best as long as reasonable clients can resolve their queries?</pre>
</blockquote>
<br>
yes and no. yes, name server implementors should compete to build the
best possible rate limiting. but also no, it's necessary for large
multi-server authority operators to have the same kind of rate limiting
on all of their servers, and they want to be able to use more than one
rdns vendor to avoid monoclonal problems like packet-of-death
vulnerabilities.<br>
<br>
<blockquote
cite="mid:OFBB1E7A85.1AA6D15F-ON85257B50.00440705-85257B50.0044D0DC@e1b.org"
type="cite">
<pre wrap="">As more is learned about rate limiting, perhaps best practices can be
developed, and some things that are done now may be proven ineffective,
but does any of this need to ultimately end up as an RFC?</pre>
</blockquote>
<br>
yes, even if it's an FYI or BCP document rather than a STD.
<pre wrap="">
</pre>
<span style="font-family: monospace;">paul<br>
</span></body></html>