Multiple DNS implementations vulnerable to cache poisoning

David Conrad drc at
Wed Jul 9 16:59:27 UTC 2008

On Jul 9, 2008, at 9:05 AM, Christopher Morrow wrote:
>> Understanding that immediate DNSSEC deployment
>> is not a realistic expectation..."  I wonder what NANOG folk can do
>> about the second part of that quote...
> get the root zone signed, get com/net/org/ccTLD's signed.. oh wait,

There are 4 ccTLDs (se, bg, pr, br) that are signed.
As Joe has indicated, ORG is moving towards signing their zone (as are  
several more ccTLDs).

> that's not nanog... doh!
> Pressure your local ICANN officers?


(it's out of ICANN's hands)


More information about the NANOG mailing list