[170876] in North American Network Operators' Group
Re: DNSSEC?
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Fri Apr 11 15:38:03 2014
In-Reply-To: <21320.16943.687126.697863@world.std.com>
Date: Fri, 11 Apr 2014 15:37:43 -0400
From: Christopher Morrow <christopher.morrow@gmail.com>
To: Barry Shein <bzs@world.std.com>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
(But you should change your DNSSEC password)
;)
/troll (so I don't get lots if mail like my procmail question caused)
On Apr 11, 2014 3:35 PM, "Barry Shein" <bzs@world.std.com> wrote:
>
> On April 11, 2014 at 11:44 dougb@dougbarton.us (Doug Barton) wrote:
> > On 04/11/2014 11:35 AM, Barry Shein wrote:
> > > So, DNSSEC is also compromised by this heartbleed bug, right?
> >
> > There is nothing in the DNSSEC protocol that requires the Heartbeat
> > functionality. However whether a specific implementation of DNS software
> > is vulnerable or not depends on how it's compiled. I would expect that
> > most would not be. ISC for example just released a statement that BIND
> > is not:
> >
> > https://lists.isc.org/pipermail/bind-users/2014-April/092944.html
>
> Cool, good news.
>
> --
> -Barry Shein
>
> The World | bzs@TheWorld.com |
> http://www.TheWorld.com
> Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR,
> Canada
> Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
>
>
