There are two major reasons for an organization to not want roaming users to trust locally-assigned DNS servers.

Open recursive servers don't help against man-in-the-middle attacks. If you want to avoid that, use VPNs or (for DNS) TSIG. I seem to remember that the ID actually mentions that.

jaap

_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf