Ron,
On Wed, Sep 10, 2008 you wrote:
> The questions before the WG are:
>
> - is BCP38 enough to mitigate the attack vectors described in
> draft-ietf-dnsop-reflectors-are-evil-06
> - is filtering after the attack has begun good enough
>
> If the answer to both of these questions is "no", the document can go
> forward as is.
and in an earlier message
> alternative mitigation is adequate. On Friday, the WG chairs will gauge
> consensus and I will take appropriate action.
Amongst those individuals who responded directly to the questions, there was
consensus that wide deployment of BCP38 would be sufficient but at the same time
that this state has not been reached today and is unlikely to be reached in
the forseeable future. This is consistent with the spirit of the draft under
consideration w.r.t. its relation to BCP38.
The WG's answer to the first question is "no".
There is also consensus that taking action after an attack has started is
not a sufficient defense mechanism and proactive measures are needed.
The WG's answer to the second question is "no".
Several other people have expressed their support for publishing the draft
"as is", nobody expressed opposition.
It is noted that Mr Anderson maintained his dissenting view.
I therefore declare WG consensus on the publication of
draft-ietf-dnsop-reflectors-are-evil-06.txt "as is"(*).
-Peter Koch [wg co-chair and document shepherd]
(*) Please see the the I-D tracker for an RFC Editor's note which adds
three references.
<https://datatracker.ietf.org/idtracker/ballot/2581/>
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
