On 2/27/24, 17:09, "DNSOP on behalf of John Levine" <dnsop-boun...@ietf.org on behalf of jo...@taugh.com> wrote:
> The kind of load is different but in each case the client needs to > limit the amount of work it's willing to do. We can forbid it in the > protocol but unless you have better contacts at the Protocol Police > than I do, people will do it anyway. I side with John Levine's line of reasoning, that the solution is defending against taking on too much work (in this case, the validator caps it's effort - in whatever way is appropriate). It would be futile to prevent key tag collisions from happening via a protocol change as a malicious actor is not bounded by specifications. If it is forbidden in the protocol, it might still happen. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop