S Moonesamy wrote:
> ...
>
> >I have not followed this discussion, but my cursory read of the tracker
> >ticket shows the WG blew off the issue by claiming that historical
> >unsophisticated attacks can be easily thwarted, while completely
> >ignoring the case where the target domains exist. Aborting an
> >amplification attack on failures does not do anything about the case
> >where an attacker goes to the trouble to make sure all the queries will
> >return valid answers. Either the issue-tracker discussion is
> >inadequate, or this is exactly the kind of thing that adds excess delay and
> >workload to the IESG review process.
>
> It seems that the above is related to Issue #24 [1]. I posted a rough summary
> of the initial discussion [2]. I took a look at the IETF 83 minutes and I found
> "DNS amplification attacks" [3] mentioned. There was a message from
> Andrew Sullivan [4].
>
> A working group may decide to blow off the issue if it wants. The issue can
> be listed in the write-up.

Yes it can, and they often do. The question in this case is more about the way
that was documented, and Douglas' effective call for a wider review of the
decision.

It may simply be the wording in the issue tracker, but reading that, the
effective message is:

"a security issue was raised, and a subset of the potential attack is easily
mitigated, therefore the WG is dropping it"

There may well be more to it, and I said I have not been following it. The
point is that 'outside reviewers' will not be immersed in past discussion, so
what and why should be clear.

I purposefully tied this to the ongoing IESG process discussion, because it is
a prime example of why post-WG discussions take longer than expected, and may
result in changes.

Tony