On Mon, Jun 04, 2007 at 08:12:24AM -0400, Robert Story wrote:

> I think it's useful, but I also think you should have a concluding
> paragraph on why it's no longer a recommended practice. Something along
> the lines of "as attacks became more sophisticated, they included
> spoofing responses to reverse DNS requests, so the attacker appeared to
> be coming from a trusted machine."

I believe notes to this effect have been in the draft all along, but
please check the -03 version (which should come out RSN) to make sure
the recommendations that are in it meet your criteria.  They belong in
a different section -- recommendations about what to do today.  This
history section is proposed to address the problem that some people
said they were having, which was that the discussion of the security
portion seemed to come from nowhere if you didn't already know why
people did it in the first place.

A

-- 
Andrew Sullivan                         204-4141 Yonge Street
Afilias Canada                        Toronto, Ontario Canada
<[EMAIL PROTECTED]>                              M2P 2A8
jabber: [EMAIL PROTECTED]                 +1 416 646 3304 x4110

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www1.ietf.org/mailman/listinfo/dnsop
