At Wed, 7 Jul 2010 10:35:09 +1000, Geoff Huston wrote: > > As I recall TLS was used as a convenient mechanism to prevent forms > of replay attacks.
That was indeed the theory back in the day. In practice, the way we ended up using TLS does not provide any replay protection worth mentioning, as discussed on this list back in late April. > What protection is provided against replay attacks in the absence of > TLS? Again, discussed on this list in late April. In brief: at the moment we have no replay protection, adding it would not be hard, and removing TLS wouldn't make it any harder. _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
