Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!sdd.hp.com!spool2.mu.edu!uwm.edu!bionet!agate!ucbvax!TIS.COM!galvin
From: galvin@TIS.COM (James M Galvin)
Newsgroups: comp.protocols.tcp-ip.domains
Subject: Re: Internet address authentication (was: PTR records ...)
Message-ID: <9101171335.AA10426@TIS.COM>
Date: 17 Jan 91 13:35:13 GMT
References: <1119@nikhefh.nikhef.nl>
Sender: daemon@ucbvax.BERKELEY.EDU
Reply-To: James M Galvin <galvin@TIS.COM>
Distribution: inet
Organization: The Internet
Lines: 13


	If you want to do some internet address authentication,
	the following is a simple way to proceed.

I am troubled by this thread.  The very idea that the existence of an A
record is somehow more secure is misleading at best and ludicrous in
general.  The database itself is completely untrusted, and thus, strictly
speaking, you have no confidence in any data value that is returned.

As a practical matter, I understand why we believe the DNS, but I can only
hope that Sun does not advertise this "feature" as a "security enhancement".

Jim