[106274] in North American Network Operators' Group
Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?
daemon@ATHENA.MIT.EDU (Jay R. Ashworth)
Fri Jul 25 09:44:42 2008
Date: Fri, 25 Jul 2008 09:44:31 -0400
From: "Jay R. Ashworth" <jra@baylink.com>
To: nanog@nanog.org
In-Reply-To: <E81E3213-2A6B-457A-9B6F-9FB04DA35FEB@daork.net>
Errors-To: nanog-bounces@nanog.org
On Fri, Jul 25, 2008 at 07:31:30PM +1200, Nathan Ward wrote:
> So uh, is this patch available for download over HTTPS with a key that
> was generated by the vendor and signed by well trusted root CAs on a
> boxes with OpenSSL versions not released by Debian?
>
> PATCH NOW PATCH NOW seems like a fantastic way to get nefarious code
> deployed in really, really interesting places.
>
> :-)
I'm not smiling.
I'm wondering if we're insufficiently paranoid.
Course that could be because I'm reading the Mitnick book this week.
But I don't think so.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com '87 e24
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Those who cast the vote decide nothing.
Those who count the vote decide everything.
-- (Josef Stalin)
