Edward Lewis made me coment on: > Ironically - in the past year, the DNSOP WG considered a proposal > called "white lies" in which falsified negative answers were to be > used to prevent someone from using DNSSEC records to discover all of What Ed didn't say but could have to avoid myth spread: the schemes described in RFC 4471 and RFC 4472 (dnsext's work, btw, but never mind ;-) require the zone maintainer's consent, so they are applied by the person in technical control of the relevant part of the name space. At best it's the protocol that is 'cheated', not the user. > There's a fine line between record synthesis and fraud.[0] We can > talk about the synthesis, but fraud isn't a technical issue. Authenticated denial _is_ a technical issue. See keyword in the last line of the first quote. -Peter _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf