TLD glue sticks around too long
The recent surge in DDoS attacks has sparked debates within the DNS community about how to strengthen DNS against future attacks. One such proposal involves using an obscure feature of the core DNS protocol, known as DNS TLD glue records with custom TTL values. While this feature is not currently practical for DDoS mitigation due to operator apathy, it could be made more useful with a small tweak. The author argues that adjusting DNS glue TTLs would reduce the recovery time for DNS servers under attack and improve overall resilience against DDoS attacks.
Company: Cloudflare
Date published: Dec. 5, 2016
Author(s): Marek Majkowski
Word count: 1758
Hacker News points: 2
Language: English