[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The leftovers
At 17:31 15.01.00 -0800, Randy Bush wrote:
> > That's not an acceptable security considerations section. I propose
> > changing this to "Specifying requirements for internationalized domain
> > names does not itself raise any security issues. However, any change
> ^new
>randy
Since this is the requirements document, it's even wrong to leave it empty.
A solution that adds new points of attack against the name->address and
address->name mappings, where the protection that DNSSEC offers cannot be
applied, is not an acceptable solution (I think); the security section
should state that.
That's a requirement for me, at least; we've seen DNS spoofing done, and
don't want more of it.
Harald
--
Harald Tveit Alvestrand, EDB Maxware, Norway
Harald.Alvestrand@edb.maxware.no