Trusting the Information
Problems:
- Currently, no widely deployed capability to authenticate where the information is coming from
- Currently, no widely deployed capability to check the integrity of the information
- DNS dynamic updates are here
- IP spoofing is prevalent
Solution:
- Deployment of DNS security extensions (rfc2065)
- Integration of security with dynamic updates
- Be paranoid, check forward and reverse lookups when necessary