Verisign brain damage and DNSSec.....Was:Re: What *are* they smoking?

bmanning at karoshi.com bmanning at karoshi.com
Tue Sep 16 18:08:11 UTC 2003


> On Tue, 16 Sep 2003 09:59:40 PDT, bmanning at karoshi.com said:
> > DNSsec will work properly with wildcards, regardless of where they are
> > in the DNS.
> 
> Which means that a rogue DNS can lead you down the garden path and
> DNSsec won't give you a clue that you're being lied to.  It's the same
> question as the "what happens to SSL to a phantom site?" - Verisign can
> provide an A record for the server and an SSL cert that will work.

	that's one aspect yes.  the validation chain should tell
	you who signed the delegations.  It won't lie.
	you will know that V'sign put that data there.

--bill
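
An added example, not part of the original message: a Python sketch of how the RRSIG covering an answer shows both who signed it (the Signer's Name field) and whether it was synthesized from a wildcard (a Labels field smaller than the owner name's label count, per RFC 4034/4035). The records are constructed under the reserved `example.` name, the function names are hypothetical, and no cryptographic verification of the signature is performed.

```python
from dataclasses import dataclass

# Constructed sample records (presentation format); the signature is a dummy value.
SAMPLE = [
    "no-such-name.example. 900 IN RRSIG A 5 1 900 20031016000000 20030916000000 12345 example. c2lnbmF0dXJl",
    "www.signed.example. 900 IN RRSIG A 5 3 900 20031016000000 20030916000000 54321 signed.example. c2lnbmF0dXJl",
]

@dataclass
class SigInfo:
    owner: str      # name the answer was returned for
    signer: str     # zone whose key produced the signature
    wildcard: bool  # True if the answer was expanded from a wildcard
    source: str     # owner name of the RRset that was actually signed

def labels(name):
    """Split a domain name into lowercase labels, ignoring the root label."""
    return [l for l in name.lower().rstrip(".").split(".") if l]

def inspect_rrsig(line):
    f = line.split()
    # owner ttl class RRSIG covered alg labels origttl expire incept keytag signer sig
    if len(f) < 13 or f[3].upper() != "RRSIG":
        raise ValueError("not an RRSIG record: " + line)
    owner, sig_labels, signer = labels(f[0]), int(f[6]), labels(f[11])
    # The Labels field never counts a leading "*" label.
    countable = owner[1:] if owner and owner[0] == "*" else owner
    if sig_labels > len(countable):
        raise ValueError("Labels field exceeds owner name length: bogus")
    # The signer must be the zone that contains the owner name.
    if signer and owner[-len(signer):] != signer:
        raise ValueError("signer name is not an ancestor of the owner: bogus")
    wildcard = sig_labels < len(countable)
    # The signed RRset lives at "*." plus the rightmost <Labels> labels.
    tail = countable[len(countable) - sig_labels:]
    source = ".".join(["*"] + tail if wildcard else owner) + "."
    return SigInfo(".".join(owner) + ".", ".".join(signer) + ".", wildcard, source)

if __name__ == "__main__":
    for rec in SAMPLE:
        info = inspect_rrsig(rec)
        kind = "wildcard " + info.source if info.wildcard else "exact match"
        print(f"{info.owner:<24} signed by {info.signer:<16} ({kind})")
```
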


