how to protect name servers against cache corruption
Lon R. Stockton, Jr.
lon at moonstar.com
Wed Jul 30 01:37:46 UTC 1997
On Tue, 29 Jul 1997, Ben Black wrote:
> [...] but there is a gaping chasm between the current
> system and DNSSEC that could be closed significantly with proper design.
Well, in the words of internet, fidonet, and other developers worldwide....
Send Code <tm>
If you have "proper design" that significantly closes the holes, I'm sure
we'd all, Mr. Vixie included, appreciate your patch files which
illustrate proper design.
> simply stating that until DNSSEC arrives these attacks are going to be
> allowed is a copout.
Simply stating that there's a better way without Sending Code is a copout.
More information about the NANOG
mailing list