On Fri, Mar 21, 2014 at 05:16:06PM -0400, Phillip Hallam-Baker <[email protected]> wrote a message of 31 lines which said:
> I have a first cut of a use cases and requirements draft. It also > contains a description of my proposed solution. > > http://www.ietf.org/id/draft-hallambaker-dnse-00.txt My main concern with this draft is that it carries both a set of requirments and a possible solution. I suggest to split it in two. On the requirments: > [R-PSPOOF] > Prevent spoofing of DNS responses by passive attack I do not see how you can spoof DNS while being purely passive. Do you refer to an off-the-path active attacker? Editorial: > Deployment of the new security mechanism compliments DNSSEC. Complements? (I know I do not speak english but I'm nevertheless confused.) _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
