git.ipfire.org Git - thirdparty/bind9.git/commit

]> git.ipfire.org Git - thirdparty/bind9.git/commit

projects / thirdparty / bind9.git / commit

author	Matthijs Mekking <matthijs@isc.org>
	Wed, 12 Oct 2022 14:24:13 +0000 (16:24 +0200)
committer	Matthijs Mekking <matthijs@isc.org>
	Fri, 11 Nov 2022 11:06:33 +0000 (12:06 +0100)
commit	53eab060837ddf792a0da5d8424fe955c190d375
tree	82d080af31bf8bb58dbd09d7d25deb949add3222	tree \| snapshot
parent	f51901eaca63b8445027cf018dafdd67f0dc1421	commit \| diff

Change default TTL of NSEC3PARAM to SOA MINIMUM

Despite the RFC says that the NSEC3PARAM is not something that is
intended for the resolver to be cached, and thus the TTL of 0 is most
logical, a zero TTL RRset can be abused by bad actors.

Change the default to SOA MINIMUM.

lib/dns/zone.c

diff | blob | blame | history

Mirror of https://gitlab.isc.org/isc-projects/bind9.git

RSS Atom