On Thu, Sep 27, 2007 at 06:45:55PM -0700,
Paul Hoffman <paul(_dot_)hoffman(_at_)vpnc(_dot_)org> wrote
a message of 36 lines which said:
It ignores one of the main reasons that many organizations purposely
choose to provide recursive lookup to the public, namely for their
own roaming users.
No, it is *not* ignored. See section 4, for instance :
o Use TSIG [RFC2845] or SIG(0) [RFC2931] signed queries to
authenticate the clients. This is a less error prone method,
which allows server operators to provide service to clients who
change IP address frequently (e.g. roaming clients).
VPN are another solution, although not mentioned in the I-D, may be
because it is obvious.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf