DNS hardening, was Re: Dan Kaminsky
Douglas Otis
dotis at mail-abuse.org
Wed Aug 5 21:00:59 UTC 2009
On 8/5/09 11:38 AM, Skywing wrote:
> That is, of course, assuming that SCTP implementations someday clean up their act a bit. I'm not so sure I'd suggest that they're really ready for "prime time" at this point.
SCTP DNS would be intended for ISPs validating DNS where there would be
fewer issues regarding SOHO routers. It seems likely DNS will require
some kernel adjustments to support persistent SCTP. SCTP has been
providing critical SS7 and H.248.1 services for many years now, where
TCP would not be suitable. FreeBSD 7 represents a solid SCTP reference
implementation.
SCTP has far fewer issues going to homes connected via IPv6.
-Doug
More information about the NANOG
mailing list