On Fri, 28 Jun 2002, JINMEI Tatuya / [ISO-2022-JP] 神明達哉 wrote: > So the point is whether it is reasonable to rely on PTRs (+name) for > access control, rather than about the usage of node information as a > replacement of PTRs (assuming that PTRs are insecure too). If we can > agree to the sense of the "inaddr-required" draft, the usage of node > information will also be acceptable. Otherwise, the usage of node > information will also be unacceptable.
The reality is not always black and white (hence the applicability statements..). > In my understanding, draft-ietf-dnsop-inaddr-required-03.txt is based > on some consensus in the dnsop group, and it seems to me the IESG also > agrees on this according to a previous message from Thomas. I > basically agree, too. If you think it a FUD, please convince them > (including me) and make an opposite consensus. I do not disagree with the conclusions as much as I disagree with the way they were reached; the draft does not discuss the actual insecurity at all. I'll send specific comments to the draft to dnsop and you later; unless I hear otherwise, I'm not sure whether it's useful to include ipng in this discussion. -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
