On Wed, Sep 11, 2019 at 02:32:35PM -0400, Viktor Dukhovni <ietf-dane@xxxxxxxxxxxx> wrote a message of 37 lines which said: > Finally, in security considerations, there's no mention of > the potential security impact of stale negative responses. It's not true, the last two paragraphs of section 10 do it. May be, as reported by an AD, add that an attacker may dDoS authoritative name servers just to exploit this possibility?