how to protect name servers against cache corruption
Ben Black
black at zen.cypher.net
Wed Jul 30 01:39:28 UTC 1997
yes, how dare i not say a word about a problem before fixing it? what
scum i am.
gimme a break.
On Tue, 29 Jul 1997, Lon R. Stockton, Jr. wrote:
>
> On Tue, 29 Jul 1997, Ben Black wrote:
>
> > [...] but there is a gaping chasm between the current
> > system and DNSSEC that could be closed significantly with proper design.
>
> Well, in the words of internet, fidonet, and other developers worldwide....
>
> Send Code <tm>
>
> If you have "proper design" that significantly closes the holes, I'm sure
> we'd all, Mr. Vixie included, appreciate your patch files which
> illustrate proper design.
>
> > simply stating that until DNSSEC arrives these attacks are going to be
> > allowed is a copout.
>
> Simply stating that there's a better way without Sending Code is a copout.
>
More information about the NANOG
mailing list