Once upon a time, Barry Shein <bzs at world.std.com> said: > So, DNSSEC is also compromised by this heartbleed bug, right? No, wrong. The OpenSSL bug involves an extension to the TLS protocol called "heartbeat" (basically like a TCP or PPP keepalive). DNSSEC does not use TLS (or any other kind of transport encryption). -- Chris Adams <cma at cmadams.net>