[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-ymbk-6to4-arpa-delegation-00.txt
>> i would prefer it if you impose no changes to getaddrinfo/getnameinfo
>> with your proposal. arrangements within server side would be better
>> at this stage
>> (we can't change deployed codebase any longer, there are huge number
>> of Solaris 8 boxen out there).
>I would like not to change it too, but the alternative to create records
>on the fly in the DNS servers is an invitation for DOS attack on DNSsec...
i don't understand why you would want to sign synthesized (generated-
on-the-fly) record with DNSSEC. if you don't sign it, the server
should be able to respond proptly enough (= no worry for DoS).
itojun