On Tue, Sep 13, 2016 at 1:30 PM, Paul Hoffman <paul.hoff...@vpnc.org> wrote:
> On 13 Sep 2016, at 9:03, Warren Kumari wrote:
>
>> The authors have attempted to integrate / incorporate all comments
>> received.
>
>
> ...and the draft is looking really good now.
Thank you - it's always nice to get positive feedback.
>
>> One of the main changes was suggested by Jinmei ("we might want to
>> follow the style of draft-ietf-dnsop-nxdomain-cut-04."), and resulted
>> in Section 6 - Benefits.
>
>
> It's nice to have it there in one place.
>
Yup, I really liked that suggestion - thanks to Jinmei for suggesting
this, and Stephane, Shumon for draft-ietf-dnsop-nxdomain-cut-04.
>> I'd really appreciate a review of this section, especially the last 2
>> paragraphs (starting with):
>> "[ Editor note: There has been some discussion on if this document
>> should discuss this attack and mitigation. The authors think that
>> this is useful / important, but some participants feel that it
>> oversells the DoS mitigation benefit. Please let us know if the
>> below is helpful. Also, the below description is not as clear as it
>> could be - it's been tricky to balance readability, correctness and
>> conciseness. Text gratefully accepted... ]"
>
>
> Discussions of DoS attacks and mitigations get bogged down quickly; see, for
> example, the past year or two in the IPsecME WG. It is safe to assume that
> if a method prevents a type of DoS attack, attackers will find another way
> to mount the attack. The current wording describes one type of attack, and
> how this helps mitigate it. That's sufficient: you don't need to say "and
> therefore you SHOULD use this method to avoid attacks".
Thank you.
W
>
> --Paul Hoffman
--
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
---maf
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
