On Thu, Aug 25, 2016 at 11:11:22AM -0700, Marek Vavruša <mvavr...@cloudflare.com> wrote a message of 56 lines which said:
> +1, there are other implications besides performance. For example > attacker can silence > the NS for victim (either on path or off path with spoofed source > subnet). If successful, > the attacker doesn't have to race NS->victim RTT anymore for > successful cache poisoning. Which is exactly the attack explained in the OARC talk I cited a few emails before. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
