North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Multiple DNS implementations vulnerable to cache poisoning

  • From: Joao Damas
  • Date: Thu Jul 10 06:17:28 2008
I would love to get input on that be it in Dublin or elsewhere, both sides: the authoritative server and the recursive validator. We have ideas and want to do this but I will not claim to be the owner of THE TRUTH, so input is much desired.

Joao

PS: I would also want a copy of, or a secure method to access, the public part of the keys you use to sign those ccTLDs so I can place them in ISC's DLV registry

On 10 Jul 2008, at 01:17, Randy Bush wrote:

David Conrad wrote:
There are 4 ccTLDs (se, bg, pr, br) that are signed.
wanna crawl in a corner in dublin and i can sign a few?
Love to. We can also put your trust anchors in the prototype ITAR (see
the first part of
https://par.icann.org/files/paris/IANAReportKim_24Jun08.pdf).

aside from just getting some cctlds signed, i will be interested in the
tools, usability, work flow, ... i.e. what is it like for a poor
innocent cctld which wants to sign their zone?

randy