I re-send here two questions that have apparently not been addressed in -01
On Sun, Jan 04, 2015 at 06:42:26PM +0100, Stephane Bortzmeyer <bortzme...@nic.fr> wrote a message of 37 lines which said: > Section 3, "some network devices deliberately refuse to handle DNS > packets containing EDNS0 options" Isn't it true of DNS-over-TCP as > well? SAC035 is pessimistic (see table 2). Do we have other data on > TCP (lack of) support in middleboxes? > In the same section, should we add a word about poisoning attacks? > AFAIK, at least one resolver, CNS, switches to TCP when it receives > too many answers with the wrong Query ID. Should we document that > the use of TCP may make poisoning more difficult? _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
