Kaminsky finds DNS exploit
Florian Weimer
fw at deneb.enyo.de
Thu Jul 10 08:42:03 EDT 2008
* Paul Hoffman:
> The take-away here is not that "Dan didn't discover the problem", but
> "Dan got it fixed".
I haven't seen credible claims that the underlying issue can actually be
fixed in the classic DNS protocol. There are workarounds on top of
workarounds. A real fix requires more or less incompatible protocol
changes, and at that point, it might be easier to deploy DNSSEC instead.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list