[119684] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: What DNS Is Not

daemon@ATHENA.MIT.EDU (Paul Vixie)
Wed Nov 25 23:17:40 2009

To: nanog@merit.edu
From: Paul Vixie <vixie@isc.org>
Date: Thu, 26 Nov 2009 04:16:49 +0000
In-Reply-To: <202705b0911251258s3256434vf7864d212a1f1cf1@mail.gmail.com>
	(Jorge Amodio's message of "Wed\, 25 Nov 2009 14\:58\:57 -0600")
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Jorge Amodio <jmamodio@gmail.com> writes:

> What needs to be done to have ISPs and other service providers stop
> tampering with DNS ?

we have to fix DNS so that provider-in-the-middle attacks no longer work.
(this is why in spite of its technical excellence i am not a DNSCURVE fan,
and also why in spite of its technical suckitude i'm working on DNSSEC.)

<http://queue.acm.org/detail.cfm?id=1647302> lays out this case.
-- 
Paul Vixie
KI6YSY


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[119684] in North American Network Operators' Group

Re: What DNS Is Not

daemon@ATHENA.MIT.EDU (Paul Vixie)Wed Nov 25 23:17:40 2009

daemon@ATHENA.MIT.EDU (Paul Vixie)
Wed Nov 25 23:17:40 2009