> Viktor wrote: > > The simplest solution, if one introduce new DNS-based service location records, > is to note that trusting the DNS is unavoidable, since that's where one gets > service location and security parameters.
I agree with you, up to this point. Yes, the client has no recourse but to trust the publisher of the service location, since that publisher could choose to publish whatever it pleases. But then, we have a layer of indirection. What if the names published in the SRV record are not related to the name published of the service? What if these were different domains? -- Christian Huitema _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
