Re: [DNSOP] The EDNS Key Tag Option

2015-07-29 Thread Mark Andrews
In message , "Wessels, Duane" writes: > > Seeing Warren's recent draft on updates of DNSSEC trust anchors encouraged > me to finish and submit what I think may be a better method for tracking > trust anchor updates. I've described an edns-key-tag option, which puts > trust anchor key tags in th

Re: [DNSOP] The EDNS Key Tag Option

2015-07-29 Thread Wessels, Duane
Hi Olafur, For an RD=0 query to a name server authoritative for the "." zone the client would send 12345, 23456. For an RD=0 query to a name server authoritative for the evil.example zone, the client would send 9666, 6669. For RD=1 queries, I propose that the client send key tags for the trust

Re: [DNSOP] The EDNS Key Tag Option

2015-07-29 Thread Olafur Gudmundsson
> On Jul 29, 2015, at 8:09 PM, Wessels, Duane wrote: > > Seeing Warren's recent draft on updates of DNSSEC trust anchors encouraged > me to finish and submit what I think may be a better method for tracking > trust anchor updates. I've described an edns-key-tag option, which puts > trust anchor

Re: [DNSOP] The EDNS Key Tag Option

2015-07-29 Thread manning
Slowly but surely, the DNS evolves into a signaling system…. :) manning bmann...@karoshi.com PO Box 6151 Playa del Rey, CA 90293 310.322.8102 On 29July2015Wednesday, at 17:09, Wessels, Duane wrote: > Seeing Warren's recent draft on updates of DNSSEC trust anchors encouraged > me to finish

[DNSOP] The EDNS Key Tag Option

2015-07-29 Thread Wessels, Duane
Seeing Warren's recent draft on updates of DNSSEC trust anchors encouraged me to finish and submit what I think may be a better method for tracking trust anchor updates. I've described an edns-key-tag option, which puts trust anchor key tags in the EDNS OPT record. It is modeled after RFC 6975, w

Re: [DNSOP] Review of draft: draft-ietf-dnsop-cookies

2015-07-29 Thread Mark Andrews
In message <00f801d0ca37$12d7d0d0$38877270$@rozanak.com>, "Hosnieh Rafiee" writes: > Hi Mark, > Sorry for my late response and thanks for sharing your experiment. I have > been busy so far... > > In your real world scenario, the place of the attacker is missing. Your > experiment shows how cli

Re: [DNSOP] Review of draft: draft-ietf-dnsop-cookies

2015-07-29 Thread Hosnieh Rafiee
Hi Mark, Sorry for my late response and thanks for sharing your experiment. I have been busy so far... In your real world scenario, the place of the attacker is missing. Your experiment shows how the client and server use this mechanism and how they add the client and server cookie. But what it doe