On Fri, 19 Apr 2013, Edward Lewis wrote:
> My response is that the CDS should not automatically cause a change to the DS, just marshall the data. I am pushing to rely on a second factor (the security over the c&c channel to the parent) to verify the request.
We don't need the CDS to do that. We already have EPP for that. We _are_ trying to automate this. That's the whole point of CDS.
> I'm not comfortable with in-band scraping.
That's fine. Don't publish CDS as a child, or ignore CDS as a parent.
> PS - What if the KSK/SEP is compromised? Then the attacker can roll the legitimate KSK out and replace it with their own (assuming that they could do it as described).
If the KSK is compromised, they likely can redirect email too, so making a registry password reset is not that far off either.

Paul

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
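As an added example (not part of this thread or any registry's code), here is the kind of in-band acceptance check a parent can apply before turning CDS data into a DS change: the CDS RRset must have validated under a key the parent already publishes a DS for, and every CDS entry must match a SEP-flagged DNSKEY in the child, so the new DS set cannot break the chain. It assumes a DNSSEC validator hands over the key tag of the CDS signer; the DNSKEY material below is a constructed dummy, not real key data, and as Paul notes this check cannot help once the KSK itself is compromised.

```python
import hashlib
import struct

ZONE = "example.com."  # constructed example zone


def wire_name(name: str) -> bytes:
    """Owner name in canonical (lowercase) DNS wire format."""
    out = b""
    for label in name.lower().rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def dnskey_rdata(flags: int, algorithm: int, pubkey: bytes) -> bytes:
    """DNSKEY RDATA: flags | protocol (always 3) | algorithm | public key."""
    return struct.pack("!HBB", flags, 3, algorithm) + pubkey


def key_tag(rdata: bytes) -> int:
    """Key tag as defined in RFC 4034 Appendix B."""
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if i % 2 else b << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def ds_digest(name: str, rdata: bytes) -> str:
    """DS digest type 2 (SHA-256) over owner name + DNSKEY RDATA."""
    return hashlib.sha256(wire_name(name) + rdata).hexdigest()


def accept_cds(current_ds, cds, dnskeys, cds_signer_tag, zone):
    """Parent-side acceptance check for a child's CDS RRset.

    current_ds / cds: sets of (keytag, sha256-hex digest)
    dnskeys: DNSKEY RDATA values from the child's DNSKEY RRset
    cds_signer_tag: key tag of the key whose RRSIG over CDS was
                    DNSSEC-validated (assumed supplied by the validator)
    """
    tags = {key_tag(k): k for k in dnskeys}
    # 1. The CDS must be signed by a key the parent already trusts via DS.
    signer = tags.get(cds_signer_tag)
    if signer is None or (cds_signer_tag, ds_digest(zone, signer)) not in current_ds:
        return False, "CDS not signed by a key the parent currently trusts"
    # 2. Every CDS entry must point at a SEP-flagged DNSKEY actually in the child.
    for tag, digest in cds:
        k = tags.get(tag)
        if k is None or ds_digest(zone, k) != digest or not (struct.unpack("!H", k[:2])[0] & 1):
            return False, f"CDS keytag {tag} has no matching SEP DNSKEY in child"
    # 3. Identical to what is published already: nothing to change.
    if cds == current_ds:
        return False, "CDS matches current DS; no update needed"
    return True, "DS update acceptable"
```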
