ietf

RE: Effects on DNS can be severe &&& Re: call for ideas: tail-heavy IETF process

2013-05-03 19:37:19
S Moonesamy wrote:
>> ...
>>
>> I have not followed this discussion, but my cursory read of the tracker
>> ticket shows the WG blew off the issue by claiming that historical
>> unsophisticated attacks can be easily thwarted, while completely
>> ignoring the case where the target domains exist. Aborting an
>> amplification attack on failures does not do anything about the case
>> where an attacker goes to the trouble to make sure all the queries will
>> return valid answers. Either the issue-tracker discussion is
>> inadequate, or this is exactly the kind of thing that adds excess delay
>> and workload to the IESG review process.

> It seems that the above is related to Issue #24 [1].  I posted a rough
> summary of the initial discussion [2].  I took a look at the IETF 83
> minutes and I found "DNS amplification attacks" [3] mentioned.  There
> was a message from Andrew Sullivan [4].
>
> A working group may decide to blow off the issue if it wants.  The issue
> can be listed in the write-up.

Yes it can, and they often do. The question in this case is more about the
way that was documented, and Douglas' effective call for a wider review of
the decision. It may simply be the wording in the issue tracker, but reading
it, the effective message is:
   "a security issue was raised, and a subset of the potential attack is
easily mitigated, therefore the WG is dropping it"
There may well be more to it, and I said I have not been following it. The
point is that 'outside reviewers' will not be immersed in past discussion,
so what and why should be clear. I purposefully tied this to the ongoing
IESG process discussion, because it is a prime example of why post-WG
discussions take longer than expected, and may result in changes. 

Tony