On Aug 17, 2008, at 9:24 AM, Dean Anderson wrote:
Changing DNS doesn't eliminate the attack of misplaced trust. It
merely
eliminates one method we know of for accomplishing the attack, at
great
expense and great risk, I might add.
You may not add that unless you are willing to justify the assertion,
which thus far you have not done.
DNS spoofing isn't the only way to accomplish a misplaced trust
attack.
Cross site scripting and javascript viruses are another way.
That's true. And if you argue that we shouldn't close the DNS hole,
your argument applies equally to these problems. Are you arguing
that we shouldn't address them either?
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
