[105904] in North American Network Operators' Group
Re: Multiple DNS implementations vulnerable to cache poisoning
daemon@ATHENA.MIT.EDU (David Conrad)
Wed Jul 9 12:59:40 2008
From: David Conrad <drc@virtualized.org>
To: Christopher Morrow <morrowc.lists@gmail.com>
In-Reply-To: <75cb24520807090905p75554c13l5f45796107551068@mail.gmail.com>
Date: Wed, 9 Jul 2008 09:59:27 -0700
Cc: nanog@merit.edu
Errors-To: nanog-bounces@nanog.org
On Jul 9, 2008, at 9:05 AM, Christopher Morrow wrote:
>> Understanding that immediate DNSSEC deployment
>> is not a realistic expectation..." I wonder what NANOG folk can do
>> about the second part of that quote...
>
> get the root zone signed, get com/net/org/ccTLD's signed.. oh wait,
There are 4 ccTLDs (se, bg, pr, br) that are signed.
As Joe has indicated, ORG is moving towards signing their zone (as are
several more ccTLDs).
> that's not nanog... doh!
>
> Pressure your local ICANN officers?
Mmph. https://ns.iana.org/dnssec/status.html
(it's out of ICANN's hands)
Regards,
-drc
