Re: IAB statement on the RPKI.

ietf

Re: IAB statement on the RPKI.

2010-02-19 19:17:25

Noel Chiappa wrote:

    >> What DNSsec will provide is ... data origin authentication and data
    >> integrity protection.

??? There is clearly something here I don't understand.


No, you don't.

How does the UDP checksum plus a cookie (nonce) protect against
a MITM attack,
on the path from the server back to the querying entity?


As DNSSEC is not protected from MitM attacks on zones on the path
between client and server zones, how can you expect plain old DNS
is better protected?

                                                Masataka Ohta

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: IAB statement on the RPKI., (continued) Re: IAB statement on the RPKI., Joe Baptista Re: IAB statement on the RPKI., Martin Rex Re: IAB statement on the RPKI., Masataka Ohta Re: IAB statement on the RPKI., Phillip Hallam-Baker Re: IAB statement on the RPKI., Phillip Hallam-Baker Re: IAB statement on the RPKI., Masataka Ohta Re: IAB statement on the RPKI., Phillip Hallam-Baker Re: IAB statement on the RPKI., Noel Chiappa Re: IAB statement on the RPKI., Martin Rex Re: IAB statement on the RPKI., Noel Chiappa Re: IAB statement on the RPKI., Masataka Ohta <=

Previous by Date:	Re: IAB statement on the RPKI., Noel Chiappa
Next by Date:	Re: document requirements and IETF procedures (was: Re: polishing of draft-ietf-dnsext-rfc3597-bis-01), SM
Previous by Thread:	Re: IAB statement on the RPKI., Noel Chiappa
Next by Thread:	Call for comments: draft-cooper-privacy-policy, Alissa Cooper
Indexes:	[Date] [Thread] [Top] [All Lists]