Verisign brain damage and DNSSec.....Was:Re: What *are* they smoking?

• Previous message (by thread): Verisign brain damage and DNSSec.....Was:Re: What *are* they smoking?
• Next message (by thread): Verisign brain damage and DNSSec.....Was:Re: What *are* they smoking?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 16 Sep 2003 09:59:40 PDT, bmanning at karoshi.com said:
> DNSsec will work properly with wildcards, regardless of where they are
> in the DNS.

Which means that a rogue DNS can lead you down the garden path and
DNSsec won't give you a clue that you're being lied to.  It's the same
question as the "what happens to SSL to a phantom site?" - Verisign can
provide an A record for the server and an SSL cert that will work.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20030916/eb6795e7/attachment.sig>

• Previous message (by thread): Verisign brain damage and DNSSec.....Was:Re: What *are* they smoking?
• Next message (by thread): Verisign brain damage and DNSSec.....Was:Re: What *are* they smoking?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]