On 7/10/18 12:32 PM, Philip Homburg wrote:
If we decide that TLS is strong enough to defend against these attacks, then there is no need to secure the DNS lookup, other than to reduce the risk of denial of service and for privacy reasons. Then such an ip= modifier would be fine, because the worst thing that can happen is denial of service.
To be crystal clear, my mentioning of that hypothetical parameter was part of a thought experiment, not a proposal.
/a _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
