[127724] in cryptography@c2.net mail archive
Re: Kaminsky finds DNS exploit
daemon@ATHENA.MIT.EDU (John Levine)
Wed Jul 9 12:32:01 2008
Date: 9 Jul 2008 15:59:40 -0000
From: John Levine <johnl@iecc.com>
To: cryptography@metzdowd.com
In-Reply-To: <p0624080ec49a86832429@[10.20.30.162]>
Cc: paul.hoffman@vpnc.org
>However, we in the security circles don't need to spread the
>"Kaminsky finds" meme.
Quite right. Paul Vixie mentioned it in 1995, Dan Bernstein started
distributing versions of dnscache with randomized port and sequence
numbers in 2001.
>The take-away here is not that "Dan didn't discover the problem", but
>"Dan got it fixed". An alternate take-away is that IETF BCPs don't
>make nearly as much difference as a diligent security expert with a
>good name.
I suppose 13 years is kind of a long time, but better late than never.
It would be modestly interesting to learn what is different now that
motivated him to get people to fix it.
R's,
John
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
