[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Evaluation: draft-ietf-dnsext-ad-is-secure

To: "Steven M. Bellovin" <smb@research.att.com>
Subject: Re: Evaluation: draft-ietf-dnsext-ad-is-secure
From: "Jeffrey I. Schiller" <jis@mit.edu>
Date: Wed, 09 Jul 2003 22:44:07 -0400
Cc: Rob Austein <sra@hactrn.net>, iesg@ietf.org
Organization: Massachusetts Institute of Technology
References: <20030710012019.4FB507B4D@berkshire.research.att.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020607

Right -- the whole point of this is to avoid the need for DNSsec on thin clients.

My concern would be that the clients would be so thin as to not have any secure transport technology and just "hope" that the link from the DNS server to the client isn't compromised.

-Jeff

Follow-Ups:
- Re: Evaluation: draft-ietf-dnsext-ad-is-secure
  - From: Randy Bush <randy@psg.com>

References:
- Re: Evaluation: draft-ietf-dnsext-ad-is-secure
  - From: "Steven M. Bellovin" <smb@research.att.com>

Prev by Date: Re: Evaluation: draft-ietf-sip-sctp - The Stream Control Transmission Protocol as a Transport for for the Session Initiation Protocol
Next by Date: draft of rtg-dir feedback on routing protocol overloading
Previous by thread: Re: Evaluation: draft-ietf-dnsext-ad-is-secure
Next by thread: Re: Evaluation: draft-ietf-dnsext-ad-is-secure
Index(es):
- Date
- Thread