Bob Harold rharo...@umich.edu writes:
My apologies for not seeing this sooner. In section 5. Security
Considerations:
Hi Bob,
I've been stewing over this one in my head for a few days since I saw
your message.
In short: I agree with you and am now slapping myself silly. I suspect
as is
My apologies for not seeing this sooner. In section 5. Security
Considerations:
To ensure that an older CSYNC record making use of the soaminimum flag
cannot be replayed to revert values, the SOA serial number MUST NOT be
incremented by more than 2^16 during the lifetime of the signature
window
A new Request for Comments is now available in online RFC libraries.
RFC 7477
Title: Child-to-Parent Synchronization in DNS
Author: W. Hardaker
Status: Standards Track
Stream: IETF
Date: March 2015
Mailbox: