.gov DNSSEC operational message

Tony Finch dot at dotat.at
Thu Dec 30 20:11:19 UTC 2010


On 29 Dec 2010, at 16:56, bmanning at vacation.karoshi.com wrote:
> 
>    presuposes the attack was server directed.  the DNS-sniper will take
>    out your locally configured root KSK &/or replace it w/ their own.

If they can do that then you have MUCH bigger problems than authenticity of DNS replies.

Tony.
--
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/



More information about the NANOG mailing list