In your previous mail you wrote: > => not only this is very arguable (for instance about the resource > exhaustion) but no hop-by-hop/channel security, even something as > strong as TSIG, can provide what we need, i.e., end-to-end/object > security (*). > PS (*): I use the common meaning of end-to-end, not Masataka Ohta's one. => I added it because hop-by-hop and end-to-end can be ambiguous when hops and ends are not defined. In the context of DNS intermediate entities are the caching servers so even I agree your argument is valid it doesn't apply to *this* interpretation of the term end-to-end. Regards Francis.Dupont@xxxxxxxxxx PS: if you'd like to discuss about end-to-end arguments there is a dedicated mailing list at IRTF. If you'd like to continue about the trusted third parties as intermediate entities I believe the thread you initiated is the best place. _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf