North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)
Once upon a time, Robert Kisteleki <robert@xxxxxxxx> said: > I understand this is a huge can of worms, but maybe it's time to change the > default behavior of browsers from http to https...? This is a _DNS_ vulnerability. The Internet is more than HTTP(S). Think about email (how many MTAs do TLS and validate the certs?). Even things like BitTorrent require valid DNS (how about MPAA/RIAA poisoning the cache for thepiratebay?). -- Chris Adams <cmadams@xxxxxxxxxx> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.