Threat Analysis of the Domain Name System (DNS)
Note: This ballot was opened for revision 07 and is now closed.
(Allison Mankin) Yes
(Thomas Narten) Yes
(Harald Alvestrand) No Objection
Comment (2004-03-15 for -)
Some editorial comments from John Loughney entered into the tracker log
(Steven Bellovin) (was Discuss, Yes) No Objection
Perhaps the discussion of MX records should note that a fake MX record could be used to divert mail to an enemy site. Or maybe not, since mail that's sensitive should be encrypted anyway. The claim that only RRs with names in the RDATA are vulnerable is, I think, incorrect. A major cache contamination attack described in [Bellovin95] inserted an A record to foil the cross-check on the name returned in an (enemy-generated) PTR record. Admittedly, this only affects people who do name-based authentication, but I do think it should be mentioned. (This is close to a DISCUSS, since it's an issue of technical accuracy, rather than style.) My style when writing something like this would be to add citations to the first published description when describing individual attacks. Your mileage may vary, and all of the important references are in the draft.
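The PTR/A cross-check the comment refers to, as an added example that is not part of the ballot, the draft, or any IETF code: a forward-confirmed reverse DNS check over a constructed in-memory cache, with each cached answer carrying a validated flag (modelling a DNSSEC-validating resolver's AD bit, an assumption for illustration). A matching PTR/A pair only shows the cache is internally consistent, so the authorization routine additionally requires both answers to have been validated before trusting the name.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Answer:
    """One cached answer plus whether the resolver validated it (assumed AD bit)."""
    value: str
    authenticated: bool


# Constructed sample cache (assumption: not real data).
# 192.0.2.10: consistent pair, both validated.
# 192.0.2.20: PTR names a host whose A record does not point back.
# 192.0.2.30: consistent pair, but neither answer validated.
PTR_CACHE: Dict[str, Answer] = {
    "192.0.2.10": Answer("host.example.net", True),
    "192.0.2.20": Answer("trusted.example.com", False),
    "192.0.2.30": Answer("mirror.example.org", False),
}
A_CACHE: Dict[str, List[Answer]] = {
    "host.example.net": [Answer("192.0.2.10", True)],
    "trusted.example.com": [Answer("203.0.113.5", True)],
    "mirror.example.org": [Answer("192.0.2.30", False)],
}


def lookup_ptr(ip: str) -> Optional[Answer]:
    return PTR_CACHE.get(ip)


def lookup_a(name: str) -> List[Answer]:
    return A_CACHE.get(name, [])


def fcrdns(ip: str) -> Optional[Tuple[str, bool]]:
    """Forward-confirmed reverse DNS: the PTR name, confirmed by an A record
    that maps back to ip. Returns (name, both_answers_validated) or None."""
    ptr = lookup_ptr(ip)
    if ptr is None:
        return None
    for a in lookup_a(ptr.value):
        if a.value == ip:
            return ptr.value, ptr.authenticated and a.authenticated
    return None


def name_based_authorization(ip: str, allowed_suffix: str) -> bool:
    """Accept a peer by name only if the PTR/A pair matches AND both answers
    were validated; an unvalidated match proves only cache self-consistency."""
    result = fcrdns(ip)
    if result is None:
        return False
    name, validated = result
    return validated and name.endswith(allowed_suffix)
```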