On Jan 17, 2011, at 9:22 AM, Andrew Sullivan wrote: > (RFC 4035, section 4.9.3). Presumably, then, the stub needs somehow > to have authenticated the DNS server in question otherwise before > accepting the claims about signature validation. I can't think of any > way to do this under DHCP, but maybe I don't know the protocol well enough.
No, you know the protocol well enough. This discussion has been making more and more clear to me the need for a DHCP security architecture document. _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
