Sent from my iPhone
> On Aug 17, 2017, at 7:20 PM, Ted Lemon <mel...@fugue.com> wrote:
>
> El 17 ag 2017, a les 21:54, Brian Dickson <brian.peter.dick...@gmail.com> va
> escriure:
>> If you're trying to use "localhost", that means you're using some kind of
>> name resolution, whether it be DNS, /etc/hosts, NIS+, or anything else.
>> I'm suggesting that by using DNS, you can take advantage of what DNS has to
>> offer, which includes potentially DNSSEC.
>
> DNSSEC can't work, or even be used, if you are spoofing localhost. If you
> used DNSSEC, the answer would fail validation.
>
Correct, so to clarify:
Use DNSSEC, and use something other than "localhost."
Does the host know its own name(s)?
Brian
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
