Re: forgery-resilience recommendations section

[JINMEI Tatuya / 神明達哉 <jinmei@isl.rdc.toshiba.co.jp>]

[ Moderators note: Post was moderated, either because it was posted by
   a non-subscriber, or because it was over 20K.  
   With the massive amount of spam, it is easy to miss and therefore 
   delete relevant posts by non-subscribers. 
   Please fix your subscription addresses. ]

At Fri, 17 Aug 2007 00:06:24 -0400,
Edward Lewis <Ed.Lewis@neustar.biz> wrote:

> So, let me propose that we document that there is a need for more 
> bits of unpredictability based on the calculations already in the 
> draft.  An open question to me is to specify a number, I mean, others 
> will have a far better idea than I so I won't suggest a number and 
> will go along with any consensus.  As far as how the "extended 
> unpredictability" is implemented is probably left best to the code 
> writers with maybe some hints in the document - but let's avoid 
> ratholing on anything that isn't needed for interoperability.

I agree on this point.  It sounds too much to me for a protocol
specification to specify a countermeasure that is pretty
implementation-dependent, especially with an RFC2119 keyword,
such as this one:

   Implementations SHOULD be configurable to use one or multiple ports
   for queries.

					JINMEI, Tatuya
					Communication Platform Lab.
					Corporate R&D Center, Toshiba Corp.
					jinmei@isl.rdc.toshiba.co.jp


--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>