OK, the #MaginotDNS attack seems serious but I do not understand it yet. #DNS
@93a8f0c3 Seems to be a very specific edge case, both at deployment and implementation: 1) "Conditional DNS Resolver" aka both recursive and forward (I never thought this is a good idea, even if used a lot to "speed up" some internal requests on a closed network and 2) "they share the same global DNS cache" (the recursive part and the forward part). So I am not convinced. Even if it seems all nameservers strains were updated because of those bugreports.