Re: DNS over SCTP

From: Stephane Bortzmeyer <bortzmeyer at nic.fr>
To: Alessandro Vesely <vesely at tana.it>
Cc: Anti-Spam Research Group - IRTF <asrg at irtf.org>, ietf at ietf.org
Date: Thu, 28 May 2009 16:23:25 +0200
In-reply-to: <4A1E9CBF.4010703 at tana.it>
References: <4A1A45BA.5030704 at swin.edu.au> <3be421270905250718y5d62f6d5odb6f2bebecf418d0 at mail.gmail.com> <6684E747-55CB-4BB3-B838-9F4FE906AFE7 at mail-abuse.org> <200905251603.MAA16221 at Sparkle.Rodents-Montreal.ORG> <CCE0A3E1-4BCB-460C-AEA0-6548BB4AE8FE at mail-abuse.org> <4A1D64C9.5060505 at tana.it> <47BC2197-472E-4615-97D2-F7E42B8F3B7D at mail-abuse.org> <4A1E8BD3.8000103 at tana.it> <20090528131509.GA13521 at nic.fr> <4A1E9CBF.4010703 at tana.it>

On Thu, May 28, 2009 at 04:16:31PM +0200,
 Alessandro Vesely <vesely at tana.it> wrote 
 a message of 14 lines which said:

> The discussion was about how to get rid of the threats illustrated,  
> e.g., in Kaminsky, D.: "It?s the end of the cache as we know it." 

I know about Kaminsky bug, the WG "DNS operations" and "DNS
extensions" spent a lot of time on it. Please do not restate the
basics and explain why SCTP (or TCP) can be compared with DNSSEC
since, as I said, DNSSEC provides *object* security and TCP (or SCTP)
can only provide a limited *channel* security.

Follow-Ups:
- Re: DNS over SCTP
  - From: Alessandro Vesely

References:
- DNS over SCTP (was: Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: a Critical Review
  - From: Alessandro Vesely
- Re: DNS over SCTP (was: Re: [Asrg] DNS-based Email Sender Authentication Mechanisms: a Critical Review
  - From: Stephane Bortzmeyer
- Re: DNS over SCTP
  - From: Alessandro Vesely

Prev by Date: Re: DNS over SCTP
Next by Date: Re: DNS over SCTP
Previous by thread: Re: DNS over SCTP
Next by thread: Re: DNS over SCTP
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: DNS over SCTP

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.