Multiple DNS implementations vulnerable to cache poisoning

Russ Mundy mundy at
Thu Jul 10 21:34:34 UTC 2008

At 11:08 AM -0400 7/10/08, Christopher Morrow wrote:
>On Thu, Jul 10, 2008 at 10:22 AM, Wes Hardaker <wjhns61 at> wrote:
>>>>>>> On Wed, 9 Jul 2008 22:55:05 -0400, "Christopher Morrow"
>>>>>>><morrowc.lists at> said:
>>>>> aside from just getting some cctlds signed, i will be interested in the
>>>>> tools, usability, work flow, ...  i.e. what is it like for a poor
>>>>> innocent cctld which wants to sign their zone?
>>>> If there is sufficient interest, we could do a bar bof to describe some of
>>>> the tools IANA has...
>> CM> I think Sandy Murphy or other Sparta folks have presented some of the
>> CM> work they've done on this... Perhaps finding one/some of them and
>> CM> having a more operations focused presentation in LAX or ... is a good
>> CM> idea as well?
>> The tools that Sparta developed (and made freely available via an open
>> source packaged that is BSD licensed) can be found at
>> .  In particular, signing a zone is
>yup, and that's helpful stuff.

Great, we're trying to provide tools that will help with the deployment and
operation of DNSSEC.  We also try to keep a listing of all the 'pieces'
that we know about that could be helpful to folks who want to deploy and
use DNSSEC in various ways whether they are operating a signed zone,
running a validating resolver or wanting DNSSEC-aware applications. The url
for the listing is:

We provide the listing as community resource and try to keep it reasonably
current. But we are always on the lookout for additional information (&
corrections) to the list - if you have any, please let me know.

>> All for free.  Don't you hate those ??biased??, freely-available,
>> source-code-supplied-so-you-can-change-it, BSD-licensed open source
>> packages?
>> --
>I like free... as long as it's the hammer I need for the nails I have.

We don't try to keep track of things in the listing by whether they or free
or not but I know a lot of them have typical open source type of licenses.


More information about the NANOG mailing list