From: Jeremy C. Reed <jreed@isc.org>
Date: Mon, 11 Aug 2014 20:29:57 +0000 (+0000)
Subject: modify warning about abuse of the dhcp-ddns server
X-Git-Tag: trac3482_base~41^2~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cf66e748635a8c1611a2728fefe9dc499495f70a;p=thirdparty%2Fkea.git

modify warning about abuse of the dhcp-ddns server

discussed little on jabber.
I opened a new ticket to fix code to at #3514
---

diff --git a/doc/guide/ddns.xml b/doc/guide/ddns.xml
index 5ebaf365f9..7c5994e834 100644
--- a/doc/guide/ddns.xml
+++ b/doc/guide/ddns.xml
@@ -168,14 +168,15 @@
 	</para>
 	<warning>
 	  <simpara>
-	    When the DHCP-DDNS server is configured to listen at an address
-	    other than the loopback address (127.0.0.1 or ::1), it is possible
-	    for a malicious attacker to send bogus NameChangeRequests to it
-	    and change entries in the DNS. For this reason, addresses other
-	    than the IPv4 or IPv6 loopback addresses should only be used
-	    for testing purposes. A future version of Kea will implement
+	    It is possible for a malicious attacker to send bogus
+	    NameChangeRequests to the DHCP-DDNS server.  Addresses
+	    other than the IPv4 or IPv6 loopback addresses (127.0.0.1
+	    or ::1) should only be used for testing purposes, but
+	    note that local users may still communicate with the
+	    DHCP-DDNS server.  A future version of Kea will implement
 	    authentication to guard against such attacks.
 	  </simpara>
+<!-- see ticket #3514 -->
 	</warning>
 <note>
 <simpara>