I'm afraid that we will be sollicited one day or the other to write a RFC about DNS practices to limit rebinding? It seems trendy.
Do note that many advices in "Protecting Browsers from DNS Rebinding Attacks" (http://crypto.stanford.edu/dns/dns-rebinding.pdf) belong in our perimeter (some remind me of draft-ietf-dnsop-reverse-mapping-considerations, some ask for a violation of the DNS protocol). Advices? _______________________________________________ DNSOP mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dnsop
