I believe this draft is insufficient:
4.1: Frankly speaking, with all the mechanisms out there, you must
assume that an attacker can force queries of the attacker's choosing
at times of the attacker's choosing, within a fraction of a second in
almost all cases. This is not by directly gen
Speaking as Document Shepherd:
Process history:
DNSEXT WG determined that the scope of this document was to
"make it harder to have spoofed answer packet accepted as legitimate answer",
thus the word "resiliency" in the draft name, thus the focus of the
document is 'packet acceptance'.
The topic
On Oct 9, 2008, at 9:52 AM, Ólafur Guðmundsson /DNSEXT chair wrote:
At 19:17 02/10/2008, Nicholas Weaver wrote:
I believe this draft is insufficient:
4.1: Frankly speaking, with all the mechanisms out there, you must
assume that an attacker can force queries of the attacker's choosing
at ti
On Oct 9, 2008, at 10:48 AM, Nicholas Weaver wrote:
On Oct 9, 2008, at 9:52 AM, Ólafur Guðmundsson /DNSEXT chair wrote:
At 19:17 02/10/2008, Nicholas Weaver wrote:
I believe this draft is insufficient:
4.1: Frankly speaking, with all the mechanisms out there, you
must assume that an attac