[11413] in North American Network Operators' Group
Re: how to protect name servers against cache corruption
daemon@ATHENA.MIT.EDU (Lon R. Stockton, Jr.)
Tue Jul 29 21:49:37 1997
Date: Tue, 29 Jul 1997 21:37:46 -0400 (EDT)
From: "Lon R. Stockton, Jr." <lon@moonstar.com>
To: Ben Black <black@zen.cypher.net>
cc: Paul A Vixie <vixie@vix.com>, nanog@merit.edu
In-Reply-To: <Pine.LNX.3.91.970729211311.20446E-100000@zen.cypher.net>
On Tue, 29 Jul 1997, Ben Black wrote:
> [...] but there is a gaping chasm between the current
> system and DNSSEC that could be closed significantly with proper design.
Well, in the words of internet, fidonet, and other developers worldwide....
Send Code <tm>
If you have "proper design" that significantly closes the holes, I'm sure
we'd all, Mr. Vixie included, appreciate your patch files which
illustrate proper design.
> simply stating that until DNSSEC arrives these attacks are going to be
> allowed is a copout.
Simply stating that there's a better way without Sending Code is a copout.
