On 5/7/20 6:06 AM, Paul Wouters wrote:
> On Tue, 5 May 2020, Vladimír Čunát wrote:
>> 1. Validation without logging.
>> At the end of 3.1 you claim that mode is still useful. When I focus on
>> intentional attacks, signing a malicious DS seems among the easiest
>> ones, and that can't be detected
On Tue, 5 May 2020, Vladimír Čunát wrote:
1. Validation without logging.
At the end of 3.1 you claim that mode is still useful. When I focus on
intentional attacks, signing a malicious DS seems among the easiest
ones, and that can't be detected without the attacked machine doing
logging (the
Hello, I'm still a bit skeptical.
1. Validation without logging.
At the end of 3.1 you claim that mode is still useful. When I focus on
intentional attacks, signing a malicious DS seems among the easiest
ones, and that can't be detected without the attacked machine doing
logging (the DS might be
internet-dra...@ietf.org writes:
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Domain Name System Operations WG of
> the IETF.
Per discussion in the adoption thread, this primarily updates sections 1
and 3 with a stronger
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations WG of the IETF.
Title : The DELEGATION_ONLY DNSKEY flag
Authors : Paul Wouters
Wes Hardaker