To:
JINMEI Tatuya / �$B?@L@C#:H�(B
<jinmei@isl.rdc.toshiba.co.jp>
cc:
Måns Nilsson <mansaxel@sunet.se>, <dnsop@cafax.se>
From:
Dean Anderson <dean@av8.com>
Date:
Wed, 26 Mar 2003 11:42:35 -0500 (EST)
In-Reply-To:
<y7visu6sp7f.wl@ocean.jinmei.org>
Sender:
owner-dnsop@cafax.se
Subject:
Re: Radical Surgery proposal: stop doing reverse for IPv6.
Yes, I agree with this. Both of the methods you have listed replace the
convenience of having reverse.
--Dean
On Wed, 26 Mar 2003, JINMEI Tatuya / [ISO-2022-JP] �$B?@L@C#:H�(B wrote:
> >>>>> On Sun, 23 Mar 2003 23:57:43 +0100,
> >>>>> Måns Nilsson <mansaxel@sunet.se> said:
>
> >> So the question is if security benefits provided by reverse lookups
> >> outweighs the disadvantages.
>
> > Security usage of reverse is so absurd (given that DNNSEC will not help if
> > someone tries to put another domain as RDATA in PTR records) that it is
> > irrelevant.
>
> Can we all really agree on this point? I know many people in this
> thread (regardless of their position about reverse mapping) said a
> similar point, but I still see those who believe in the "security
> benefit" of reverse mapping.
>
> If I'm wrong, then I'll be happy, and we can consider various
> approaches for the "convenience" purposes which may coexist each
> other. Such approaches will include:
>
> - wildcard reverse mapping for some upper zone
> - ICMPv6 node information queries
>
> JINMEI, Tatuya
> Communication Platform Lab.
> Corporate R&D Center, Toshiba Corp.
> jinmei@isl.rdc.toshiba.co.jp
>
> #----------------------------------------------------------------------
> # To unsubscribe, send a message to <dnsop-request@cafax.se>.
>
#----------------------------------------------------------------------
# To unsubscribe, send a message to <dnsop-request@cafax.se>.
Home |
Date list |
Subject list