Proposal for using NAPTR/URI records

[Nico Williams]

I should add that I'm assuming that an MITM wouldn't be able to get
away with modifying important bits of the protocol because we
authenticate all contents (or all that matters).  So the main problem
would be information leaks and other problems with getting redirected,
such as (stretching here) changing the trust anchors that the AS'
PKINIT cert is to get validated to.