

To: Pekka Savola <pekkas@netcore.fi>
cc: Robert Elz <kre@munnari.OZ.AU>, Kenneth Porter <shiva@sewingwitch.com>, <dnsop@cafax.se>
From: Edward Warnicke <eaw@cisco.com>
Date: Fri, 28 Feb 2003 11:15:12 -0500 (EST)
In-Reply-To: <Pine.LNX.4.44.0302281636110.21660-100000@netcore.fi>
Sender: owner-dnsop@cafax.se
Subject: Re: Request for review of DNS related draft

Could you be more specific about what security considerations
you see?

In terms of operational resistance to use, I'd expect it to
be about on par with the use of rp and hinfo records.  Organizations
which find utility in having those records populated use them,
organizations that don't see value don't use them.  I've been
in organizations which break both ways on hinfo and rp records.
If an organization finds value in deploying this scheme, they
will.  It's a question of applications.

Ed

On Fri, 28 Feb 2003, Pekka Savola wrote:

> On Fri, 28 Feb 2003, Robert Elz wrote:
> [...]
> > Why would my nodes care what the network that contains some random IP
> > address might happen to be (or why would I ever care more than the
> > routing tables will tell me) ?
>
> Being able to do something like this would have quite a few security
> considerations, besides -- in addition to operational reluctance to take
> it to use.
>
> Finding your *own* info could be useful, but you really need most of that
> information before you can make the DNS query..
>
> --
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
>
>
