1) It's extremely difficult to reason about (DNS -> DNSSEC) in terms of a DDoS considering how many security protocols assume NTP exists.
2) I'm not, but this was posted 18 months ago, so I'm just thinking about the "global discussion" in general.
3) The fundamental argument Vixie is making is about tradeoffs. The impossibility of global SAV is an argument in favor of the difficulty of widely deployed RRL. It is an argument of spending the effort on something that might be accomplished.
2) I'm not, but this was posted 18 months ago, so I'm just thinking about the "global discussion" in general.
3) The fundamental argument Vixie is making is about tradeoffs. The impossibility of global SAV is an argument in favor of the difficulty of widely deployed RRL. It is an argument of spending the effort on something that might be accomplished.