DNS hardening, was Re: Dan Kaminsky

Douglas Otis dotis at mail-abuse.org
Wed Aug 5 21:00:59 UTC 2009


On 8/5/09 11:38 AM, Skywing wrote:
> That is, of course, assuming that SCTP implementations someday clean up their act a bit.  I'm not so sure I'd suggest that they're really ready for "prime time" at this point.

SCTP DNS would be intended for ISPs validating DNS where there would be 
fewer issues regarding SOHO routers.  It seems likely DNS will require 
some kernel adjustments to support persistent SCTP.  SCTP has been 
providing critical SS7 and H.248.1 services for many years now, where 
TCP would not be suitable.  FreeBSD 7 represents a solid SCTP reference 
implementation.

SCTP has far fewer issues going to homes connected via IPv6.

-Doug






More information about the NANOG mailing list