Ohta-san, On Fri, 2009-06-05 at 22:15 +0900, Masataka Ohta wrote: > > > I think we all understand that it is possible to inject bad data into > > the DNS at the parent. > > What do you mean "the parent"? > > Do you mean master zone file of the parent or some caching server > expected by a client to have parent data? I "the parent" in the same sense as in RFC 1034 - the delegating level. So, for EXAMPLE.COM this would be COM. > > What I do not understand about this comment is how transport security > > can help in that case. Can you please explain? > > Explanation depends on your definition of "the parent". -- Shane _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf