[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [BEHAVE] The renumbering problem [Re: Comments on the NAT66 draft]
On 19 nov 2008, at 1:29, james woodyatt wrote:
My hunch is that those folks should probably be using DNS-SD instead
of the fragile cruftiness they're struggling against now.
Can DNS service discovery be secured with DNSSEC?
What if there are unsigned delegations in the delegation hiearchy?
If I'm going to base my firewalling rules or VPN setup on the DNS then
the DNS info must be protected against poisoning and other attacks.
Iljitsch