how to protect name servers against cache corruption

Ben Black black at zen.cypher.net
Wed Jul 30 01:39:28 UTC 1997


yes, how dare i not say a word about a problem before fixing it?  what 
scum i am.

gimme a break.

On Tue, 29 Jul 1997, Lon R. Stockton, Jr. wrote:

> 
> On Tue, 29 Jul 1997, Ben Black wrote:
> 
> > [...] but there is a gaping chasm between the current 
> > system and DNSSEC that could be closed significantly with proper design.
> 
> Well, in the words of internet, fidonet, and other developers worldwide....
> 
>       Send Code <tm>
> 
> If you have "proper design" that significantly closes the holes, I'm sure 
> we'd all, Mr. Vixie included, appreciate your patch files which 
> illustrate proper design.
> 
> > simply stating that until DNSSEC arrives these attacks are going to be 
> > allowed is a copout.
> 
> Simply stating that there's a better way without Sending Code is a copout.
> 



More information about the NANOG mailing list