nanog mailing list archives
Re: Reverse DNS RFCs and Recommendations
From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Sat, 02 Nov 2013 07:50:15 +0900
Mark Andrews wrote:
It is a lot simpler and a lot more practical just to use shared secret between a CPE and a ISP's name server for TSIG generation.No it isn't. It requires a human to transfer the secret to the CPE device or to register the secret with the ISP.
Not necessarily. When the CPE is configured through DHCP (or PPP?), the ISP can send the secret.
I'm talking about just building this into CPE devices and having it just work with no human involvement.
See above.
Involving DNSSEC here is overkill and unnecessarily introduce
vulnerabilities.
Masataka Ohta
Current thread:
- Re: Reverse DNS RFCs and Recommendations Mark Andrews (Oct 31)
- Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Valdis . Kletnieks (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Nov 01)
- Re: Reverse DNS RFCs and Recommendations William Herrin (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Mark Andrews (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Mark Andrews (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Mark Andrews (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Nov 01)
- RE: Reverse DNS RFCs and Recommendations Alex Rubenstein (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Mark Andrews (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Nov 02)
- Re: Reverse DNS RFCs and Recommendations Mark Andrews (Nov 02)
- Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Nov 02)
- Re: Reverse DNS RFCs and Recommendations Sander Steffann (Nov 02)
- Re: Reverse DNS RFCs and Recommendations Valdis . Kletnieks (Nov 01)
- Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Nov 01)