[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The leftovers

To: Randy Bush <randy@psg.com>, Paul Hoffman / IMC <phoffman@imc.org>
Subject: Re: The leftovers
From: Harald Tveit Alvestrand <Harald@Alvestrand.no>
Date: Sun, 16 Jan 2000 16:31:06 +0100
Cc: idn@ops.ietf.org
Delivery-date: Sun, 16 Jan 2000 07:29:03 -0800
Envelope-to: idn-data@psg.com

At 17:31 15.01.00 -0800, Randy Bush wrote:
> > That's not an acceptable security considerations section. I propose
> > changing this to "Specifying requirements for internationalized domain
> > names does not itself raise any security issues. However, any change
>                                  ^new
>randy

Since this is the requirements document, it's even wrong to leave it empty.
A solution that adds new points of attack against the name->address and
address->name mappings, where the protection that DNSSEC offers cannot be 
applied, is not an acceptable solution (I think); the security section 
should state that.

That's a requirement for me, at least; we've seen DNS spoofing done, and 
don't want more of it.

                        Harald

--
Harald Tveit Alvestrand, EDB Maxware, Norway
Harald.Alvestrand@edb.maxware.no

Prev by Date: Re: Operational issues
Next by Date: Re: The leftovers
Prev by thread: Re: The leftovers
Next by thread: Re: The leftovers
Index(es):
- Date
- Thread