[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ymbk-6to4-arpa-delegation-00.txt



>>	i would prefer it if you impose no changes to getaddrinfo/getnameinfo
>>	with your proposal.  arrangements within server side would be better
>>	at this stage
>>	(we can't change deployed codebase any longer, there are huge number
>>	of Solaris 8 boxen out there).
>I would like not to change it too, but the alternative to create records
>on the fly in the DNS servers is an invitation for DOS attack on DNSsec...

	i don't understand why you would want to sign synthesized (generated-
	on-the-fly) record with DNSSEC.  if you don't sign it, the server
	should be able to respond proptly enough (= no worry for DoS).

itojun