Philip Miller wrote:
Fridrik Skulason wrote:
[..]
I am all for that - as I have said before, I am all in favour of any
method of authentication that meets the following criteria:
I'll take a shot at justifying LMAP here. If any of this doesn't appear
in the proposal draft we currently have, it may need to be added in some
form.
[..]
3) Can not be (easily) abused to result in a DoS attack.
I can think of a potential issue with LMAP and DoS attacks. Consider:
If someone can poison the caches used by, say, AOL's incoming MXs to not
list your legitimate MTA, then your mail is PERMFAILed incorrectly.
Unfortunately, this is something that we as a group cannot try to solve.
Our best approach would be to note this possibility and move on.
[..]
Take a look at:
http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dns-threats-05.txt
We should reference the document, and move on. BTW, if anyone wants to
help with LMAP discussion draft, please email Alan.
Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Why are both drug addicts and computer aficionados both called
users?" (Clifford Stoll)
-------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg