[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNS Security

To: dee@skidrow.ljo.dec.com
Subject: Re: DNS Security
From: Steve Kent <kent@BBN.COM>
Date: Fri, 07 May 93 18:12:39 -0400
Cc: Hilarie Orman <ho@cs.arizona.edu>, namedroppers@nic.ddn.mil, ipsec@ans.net
In-Reply-To: Your message of Fri, 09 Apr 93 13:55:40 -0400. <9304091755.AA01477@skidrow.ljo.dec.com>


Hilarie makes a good point with regard to DNS; Donald's argument about
providing security at the application layer vs. a lower layer is a
traditional one that has yet to be resolved.  Directory services can
have security requirements that make them poor candidates for lower
layer security protocols.  For example, if I send a requuest to a
local directory server and it forwards that request to another server,
only an authentication facility at the application layer can provide
source-to-desitination authentication of the request and the
response.

Steve

Next by Date: Re: DNS Security
Next by thread: Re: DNS Security
Index(es):
- Main
- Thread