Multiple DNS implementations vulnerable to cache poisoning

Jay R. Ashworth jra at
Wed Jul 9 18:05:40 UTC 2008

On Wed, Jul 09, 2008 at 12:05:38PM -0400, Christopher Morrow wrote:
> get the root zone signed, get com/net/org/ccTLD's signed.. oh wait,
> that's not nanog... doh!
> Pressure your local ICANN officers?

One of the commenters on Slashdot, who did not sound entirely like a
crank, says the root zone DNSKEYs and RRSIGs have been generated
already, and his informant is waiting for the OK to deploy them.

-- jr 'yes, yes, I know; it's /.  No, I don't believe in the Easter Bunny' a
Jay R. Ashworth                   Baylink                      jra at
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates                     '87 e24
St Petersburg FL USA             +1 727 647 1274

	     Those who cast the vote decide nothing.
	     Those who count the vote decide everything.
	       -- (Josef Stalin)

More information about the NANOG mailing list