Kaminsky finds DNS exploit
John Levine
johnl at iecc.com
Wed Jul 9 11:59:40 EDT 2008
>However, we in the security circles don't need to spread the
>"Kaminsky finds" meme.
Quite right. Paul Vixie mentioned it in 1995, Dan Bernstein started
distributing versions of dnscache with randomized port and sequence
numbers in 2001.
>The take-away here is not that "Dan didn't discover the problem", but
>"Dan got it fixed". An alternate take-away is that IETF BCPs don't
>make nearly as much difference as a diligent security expert with a
>good name.
I suppose 13 years is kind of a long time, but better late than never.
It would be modestly interesting to learn what is different now that
motivated him to get people to fix it.
R's,
John
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list