In article <2204181e-9433-4b93-b240-92ff754a2...@icann.org> you write: >How realistic is it that a forged zone could defeat all of the channel >security for a zone? How likely would it be for >someone to load a false zone on all the places a recursive server would look >for it? Answering that would be a crucial step >in deciding whether to add a zone hash mechanism.
Since the obvious use case for this is to enable zone distribution over insecure channels, such as FTP or bittorrent, I'd say it's completely realistic. R's, John _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop