Multiple DNS implementations vulnerable to cache poisoning

Jay R. Ashworth jra at baylink.com
Wed Jul 9 13:05:40 CDT 2008


On Wed, Jul 09, 2008 at 12:05:38PM -0400, Christopher Morrow wrote:
> get the root zone signed, get com/net/org/ccTLD's signed.. oh wait,
> that's not nanog... doh!
> 
> Pressure your local ICANN officers?

One of the commenters on Slashdot, who did not sound entirely like a
crank, says the root zone DNSKEYs and RRSIGs have been generated
already, and his informant is waiting for the OK to deploy them.

http://it.slashdot.org/comments.pl?sid=607413&cid=24106363

Cheers,
-- jr 'yes, yes, I know; it's /.  No, I don't believe in the Easter Bunny' a
-- 
Jay R. Ashworth                   Baylink                      jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com                     '87 e24
St Petersburg FL USA      http://photo.imageinc.us             +1 727 647 1274

	     Those who cast the vote decide nothing.
	     Those who count the vote decide everything.
	       -- (Josef Stalin)




More information about the NANOG mailing list