OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: question about dns trust profile

Hi Peter -

I just read over the DNS authority trust profile you wrote up:
http://wiki.oasis-open.org/xri/XrdOne/TrustProfileDNSAuthority

I'm not sure I understand the resource name to document binding, let
me double check.

- someone starts with a resource X
- DNS publishes a mapping from resource X to document id Y
- when they download the document, they check that X == Y.

Is that right?  It seems vulnerable to attacks on DNS.  Is the
expectation that DNS SEC will be used to prevent those attacks, or
that DNS spoofing is an acceptable risk?

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]