To:
Måns Nilsson <mansaxel@sunet.se>
Cc:
dnsop@cafax.se
From:
JINMEI Tatuya / �$B?@L@C#:H�(B
<jinmei@isl.rdc.toshiba.co.jp>
Date:
Wed, 26 Mar 2003 13:53:56 +0900
In-Reply-To:
<60350000.1048460263@localhost.besserwisser.org>
Sender:
owner-dnsop@cafax.se
User-Agent:
Wanderlust/2.6.1 (Upside Down) Emacs/21.2 Mule/5.0 (SAKAKI)
Subject:
Re: Radical Surgery proposal: stop doing reverse for IPv6.
>>>>> On Sun, 23 Mar 2003 23:57:43 +0100,
>>>>> Måns Nilsson <mansaxel@sunet.se> said:
>> So the question is if security benefits provided by reverse lookups
>> outweighs the disadvantages.
> Security usage of reverse is so absurd (given that DNNSEC will not help if
> someone tries to put another domain as RDATA in PTR records) that it is
> irrelevant.
Can we all really agree on this point? I know many people in this
thread (regardless of their position about reverse mapping) said a
similar point, but I still see those who believe in the "security
benefit" of reverse mapping.
If I'm wrong, then I'll be happy, and we can consider various
approaches for the "convenience" purposes which may coexist each
other. Such approaches will include:
- wildcard reverse mapping for some upper zone
- ICMPv6 node information queries
JINMEI, Tatuya
Communication Platform Lab.
Corporate R&D Center, Toshiba Corp.
jinmei@isl.rdc.toshiba.co.jp
#----------------------------------------------------------------------
# To unsubscribe, send a message to <dnsop-request@cafax.se>.
Home |
Date list |
Subject list