Multiple DNS implementations vulnerable to cache poisoning
David Conrad
drc at virtualized.org
Wed Jul 9 16:59:27 UTC 2008
On Jul 9, 2008, at 9:05 AM, Christopher Morrow wrote:
>> Understanding that immediate DNSSEC deployment
>> is not a realistic expectation..." I wonder what NANOG folk can do
>> about the second part of that quote...
>
> get the root zone signed, get com/net/org/ccTLD's signed.. oh wait,
There are 4 ccTLDs (se, bg, pr, br) that are signed.
As Joe has indicated, ORG is moving towards signing their zone (as are
several more ccTLDs).
> that's not nanog... doh!
>
> Pressure your local ICANN officers?
Mmph. https://ns.iana.org/dnssec/status.html
(it's out of ICANN's hands)
Regards,
-drc
More information about the NANOG
mailing list