> One of the misconceptions in DNSSEC is that the zone administrator > is in control of the situation, dictating the state of signing, > the cryptography in use, and so on. DNSSEC is for the benefit of > the querier, not the responder. A zone administrator can't force > a querier to validate the results, it can't dictate what cryptographic > library support the receiver must have.
I don't see how this statement is relevant. The discussion was about possible downgrade attacks if the querier would fallback to NS/DS. Given that we are talking about downgrade attacks, there is already the implicit assumption that the querier is interested in the integrity of the reply. The zone administrator can assist the queriers with making an informed decision, if the protocol allows for extra informaiton to be passed. > The zone administrator is out there in plain > sight, anyone can see the data, anyone can see activity. One can't > (always) identify the receiver, that's what the privacy-enhancing > transports support. With TLS a lot of classical assumptions can change. With emphasis on *can*. For example, client could use TLS to authenticate themselves, the transferred data could be kept confidential. People could take DNS in unexpected directions. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
