Andrew Sullivan wrote:
> Especially in the absence of strong anti-spoofing mechanisms, like
> the DNS Security Extensions, a check for matching reverse DNS mapping
> should be regarded as an extremely weak form of authentication.
Considering that DNS Security Extension provides weak
security only blindly relying on untrustworthy TTPs,
it is better to say;
< Especially in the absence of strong anti-spoofing mechanisms,
< a check for matching reverse DNS mapping
< should be regarded as a weak form of authentication.
Masataka Ohta
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
