DNSSEC?

Chris Adams cma at cmadams.net
Fri Apr 11 19:25:29 UTC 2014


Once upon a time, Barry Shein <bzs at world.std.com> said:
> So, DNSSEC is also compromised by this heartbleed bug, right?

No, wrong.  The OpenSSL bug involves an extension to the TLS protocol
called "heartbeat" (basically like a TCP or PPP keepalive).

DNSSEC does not use TLS (or any other kind of transport encryption).
-- 
Chris Adams <cma at cmadams.net>




More information about the NANOG mailing list