Note: This ballot was opened for revision 03 and is now closed.
Summary: Needs 4 more YES or NO OBJECTION positions to pass.
Thanks for a well-written document.
I'm not sure if there are really no new security
considerations here, but the difference may be relatively
minor, (given how I understand these protocols are used, i.e.
without any cryptographic authentication;-).
Anyway, my questions:
Which of the RFCs referred to in section 5 calls out that
sending a spoofed wildcard message will have a bigger
impact for lower cost for an attacker?
Could it also be the case that an attacker able to inject one
of these needs less information about the network to cause
the same amount of damage compared to an attacker who could
not send a wildcard message?