[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ymbk-6to4-arpa-delegation-00.txt

To: Alain Durand <Alain.Durand@Sun.COM>
Subject: Re: draft-ymbk-6to4-arpa-delegation-00.txt
From: itojun@iijlab.net
Date: Mon, 25 Nov 2002 11:38:30 +0900
Cc: dns op wg <dnsop@cafax.se>, v6ops@ops.ietf.org
Delivery-date: Sun, 24 Nov 2002 18:41:32 -0800
Envelope-to: v6ops-data@psg.com
In-reply-to: Alain.Durand's message of Mon, 11 Nov 2002 13:32:12 PST. <3DD021DC.70400@sun.com>
Sender: owner-v6ops@ops.ietf.org

>>	i would prefer it if you impose no changes to getaddrinfo/getnameinfo
>>	with your proposal.  arrangements within server side would be better
>>	at this stage
>>	(we can't change deployed codebase any longer, there are huge number
>>	of Solaris 8 boxen out there).
>I would like not to change it too, but the alternative to create records
>on the fly in the DNS servers is an invitation for DOS attack on DNSsec...

	i don't understand why you would want to sign synthesized (generated-
	on-the-fly) record with DNSSEC.  if you don't sign it, the server
	should be able to respond proptly enough (= no worry for DoS).

itojun

References:
- Re: draft-ymbk-6to4-arpa-delegation-00.txt
  - From: Alain Durand <Alain.Durand@Sun.COM>

Prev by Date: Re: why I'm not implementing IPv6
Next by Date: RE: IPv6 transition architecture discussion
Previous by thread: Re: draft-ymbk-6to4-arpa-delegation-00.txt
Next by thread: The Inside-Out ISATAP Model
Index(es):
- Date
- Thread