On Wed, 10 Sep 2008, Mark Andrews wrote: > In message <[EMAIL PROTECTED]>, David Conrad > writes: >>> At his point, I will sit quietly for a while and let the WG comment >>> on whether they think that your proposed >>> alternative mitigation is adequate. On Friday, the WG chairs will >>> gauge consensus and I will take appropriate action. >> >> Given the stunningly successful implementation of BCP038 over the 8 >> years since it has been published, I believe relying on it as a >> mitigation strategy against open resolver attacks is simply silly and >> discussing it largely a waste of time. > > While I encourage everyone to deploy BCP 38, wherever possible, I > don't believe we should be relying on BCP 38 deployment to prevent > recursive servers being abused.
BCP 38 is one tool in the mitigation box, but it doesn't mean that it can only be the *only* tool available. So I agree with Mark. wfms _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
