Re: [mif] [dnsext] [DNSOP] 2nd Last Call for MIF DNS server selection document

Alex Bligh <alex@alex.org.uk> Mon, 24 October 2011 11:20 UTC

Return-Path: <alex@alex.org.uk>
X-Original-To: mif@ietfa.amsl.com
Delivered-To: mif@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51B7421F886A; Mon, 24 Oct 2011 04:20:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5PVQU91LeoEz; Mon, 24 Oct 2011 04:20:54 -0700 (PDT)
Received: from mail.avalus.com (mail.avalus.com [IPv6:2001:41c8:10:1dd::10]) by ietfa.amsl.com (Postfix) with ESMTP id CECAB21F8801; Mon, 24 Oct 2011 04:20:53 -0700 (PDT)
Received: from [192.168.100.15] (87-194-71-186.bethere.co.uk [87.194.71.186]) by mail.avalus.com (Postfix) with ESMTPSA id 79769C56100; Mon, 24 Oct 2011 12:20:51 +0100 (BST)
Date: Mon, 24 Oct 2011 12:20:50 +0100
From: Alex Bligh <alex@alex.org.uk>
To: Ted Lemon <Ted.Lemon@nominum.com>, Keith Moore <moore@network-heretics.com>
Message-ID: <B52E25DC88B2277D83EC6299@Ximines.local>
In-Reply-To: <835BF3F4-B0A1-4BBA-988F-FE147573CED0@nominum.com>
References: <COL118-W55403198A984BAAE44BA47B1F70@phx.gbl> <916CE6CF87173740BC8A2CE44309696203782D75@008-AM1MPN1-037.mgdnok.nokia.com> <121DABD1-65E8-4275-8471-9FA38D25C434@nominet.org.uk> <916CE6CF87173740BC8A2CE44309696203783EE0@008-AM1MPN1-037.mgdnok.nokia.com> <4EA09791.8010705@gmail.com> <C8398996-79B5-437E-82A5-6B869ECF8F4E@network-heretics.com> <94C2E518-F34F-49E4-B15C-2CCCFAA96667@virtualized.org> <12477381-9F74-4C50-B576-47EE4322F6BC@network-heretics.com> <CAH1iCiqsN-R87VK3vKityPsY+NXA=0DRASYf_vmBSy8gvYwHdQ@mail.gmail.com> <916CE6CF87173740BC8A2CE44309696203784B27@008-AM1MPN1-037.mgdnok.nokia.com> <708F3212-3C9C-4B61-AA77-EFA8F1CA5B04@nominum.com> <30B1AE01-0A35-48D2-91AF-46FC8B60466C@network-heretics.com> <F932CA9C-3489-48AC-A454-5B7A91CF129A@nominum.com> <1DF30BB4-76DB-427A-8ACF-A345BAE26FA6@network-heretics.com> <835BF3F4-B0A1-4BBA-988F-FE147573CED0@nominum.com>
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Mailman-Approved-At: Mon, 24 Oct 2011 04:49:17 -0700
Cc: DHC WG <dhcwg@ietf.org>, "dnsop@ietf.org WG" <dnsop@ietf.org>, "<mif@ietf.org>" <mif@ietf.org>, dnsext List <dnsext@ietf.org>, Alex Bligh <alex@alex.org.uk>
Subject: Re: [mif] [dnsext] [DNSOP] 2nd Last Call for MIF DNS server selection document
X-BeenThere: mif@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Alex Bligh <alex@alex.org.uk>
List-Id: Multiple Interface Discussion List <mif.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mif>, <mailto:mif-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mif>
List-Post: <mailto:mif@ietf.org>
List-Help: <mailto:mif-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mif>, <mailto:mif-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Oct 2011 11:20:54 -0000

--On 22 October 2011 19:41:58 +0000 Ted Lemon <Ted.Lemon@nominum.com> wrote:

> Yes.   But if a bare name is used, a bogus search list can also bypass
> DNSSEC validation.

For the hard of understanding, please could you expand on this?

Doesn't the client know the full name being looked up, even with a search
list?

-- 
Alex Bligh