[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNSSEXT Yokohama Minutes

To: namedroppers <namedroppers@ops.ietf.org>
Subject: Re: DNSSEXT Yokohama Minutes
From: Edward Lewis <edlewis@arin.net>
Date: Mon, 16 Sep 2002 08:40:41 -0400
In-reply-to: <Pine.LNX.4.44.0209031638210.2813-100000@spratly.nominum.com>
References: <Pine.LNX.4.44.0209031638210.2813-100000@spratly.nominum.com>

I would think [0] that if a signed positive answer is given, there is no reason to show that there was potentially a wildcard (signed or unsigned) available. If there exists an unsigned positive answer, *is* there a need to prove that there is no wildcard? I guess so, but this is getting sticky.

At 4:40PM -0700 9/3/02, Brian Wellington wrote:

The positive response with opt-in also needs to contain proof that there's
no secure wildcard, otherwise secure wildcards can be spoofed away.  This
will mean another SIG and SIG(NXT) in almost every case.

[0] Apologies - I am reviewing the thread while flying back from RIPE, so the reply is delayed and possibly confused.

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-703-227-9854
ARIN Research Engineer

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

Follow-Ups:
- Re: DNSSEXT Yokohama Minutes
  - From: Derek Atkins <derek@ihtfp.com>

References:
- Re: DNSSEXT Yokohama Minutes
  - From: Brian Wellington <Brian.Wellington@nominum.com>

Prev by Date: Re: mDNS/LLMNR and "local.arpa"
Next by Date: Re: DNSSEXT Yokohama Minutes
Previous by thread: Re: DNSSEXT Yokohama Minutes
Next by thread: Re: DNSSEXT Yokohama Minutes
Index(es):
- Date
- Thread