
Re: (short version) Re: Last Call: <draft-faltstrom-uri-10.txt> (The Uniform Resource Identifier (URI) DNS Resource Record) to Proposed Standard

2015-03-06 10:17:04
Thanks for the comments. While digesting them, I have one comment:

On 6 mar 2015, at 07:14, John C Klensin <john-ietf(_at_)jck(_dot_)com> wrote:

> Generally, while I think you should warn that URI records may
> cause some risks that do not exist with, e.g., conventional name
> to address mappings (note that the "downgrade attack or not"
> considerations above would apply equally well to:
>
>  foo.example.com.  IN A 10.2.0.44
> being diverted into a response of
>  foo.example.com.  IN A 10.0.0.6
>
> (which would be, historically, a likely upgrade attack, but it
> has nothing to do with URI records but is equally preventable by
> an integrity check.))
>
> As long as there is a warning, I really don't care very much
> what you say, but whatever you do say should be as accurate as
> possible.

I also see tons of zeroconf stuff (Apple Bonjour) using DNS already today in 
the geographically local context without much DNSSEC.

   Patrik
