On Oct 28, 2013, at 12:07 AM, Masataka Ohta <mo...@necom830.hpcl.titech.ac.jp> wrote: > Then, plain DNS modified to have 32 (or 64?) bit messages > ID is as secure as DNSSEC.
How does a 32 or 64 bit message ID protect you from on-path MITM/injection attacks? Protecting the communication channel does not equal protecting the data. Regards, -drc
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop