On Thu, 31 May 2007 17:24:48 -0400 Andrew wrote: AS> We received a suggestion that a short section outlining the history of AS> the use of reverse mapping in security contexts would be a good thing AS> to add to the reverse-mapping-considerations draft. I have some AS> proposed text to add. Before I add it, I'd like to ask for comments.
I think it's useful, but I also think you should have a concluding paragraph on why it's no longer a recommended practice. Something along the lines of "as attack became more sophisticated, they included spoofing reponses to reverse DNS requests, so the attacker appeared to be coming from a trusted machine." -- Robert Story SPARTA
signature.asc
Description: PGP signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www1.ietf.org/mailman/listinfo/dnsop