[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Reverse DNS RFCs and Recommendations

Subject: Reverse DNS RFCs and Recommendations
From: mohta at necom830.hpcl.titech.ac.jp (Masataka Ohta)
Date: Fri, 01 Nov 2013 16:03:56 +0900
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>

Mark Andrews wrote:

> That said it is possible to completely automate the secure assignment
> of PTR records.  It is also possible to completely automate the
> secure delegation of the reverse name space.  See
> http://tools.ietf.org/html/draft-andrews-dnsop-pd-reverse-00

It is a lot simpler and a lot more practical just to
use shared secret between a CPE and a ISP's name server
for TSIG generation.

As the secret can be directly shared end to end, it is more
secure than DNSSEC involving untrustworthy third parties.

						Masataka Ohta

Follow-Ups:
- Reverse DNS RFCs and Recommendations
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- Reverse DNS RFCs and Recommendations
  - From: bill at herrin.us (William Herrin)
- Reverse DNS RFCs and Recommendations
  - From: marka at isc.org (Mark Andrews)

Prev by Date: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic
Next by Date: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic
Previous by thread: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic
Next by thread: Reverse DNS RFCs and Recommendations
Index(es):
- Date
- Thread