'Re: [Full-disclosure] DNS spoofing issue. Thoughts on'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    Re: [Full-disclosure] DNS spoofing issue. Thoughts on
From:       Valdis.Kletnieks () vt ! edu
Date:       2008-07-30 15:29:53
Message-ID: 159358.1217431793 () turing-police ! cc ! vt ! edu
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


On Sun, 27 Jul 2008 14:07:03 EDT, Glenn.Everhart@chase.com said:
> The need for something more like ssl certs in there remains

It's called DNSSEC, which has been out for a decade and more.

> (Also needed for bgp I suspect).

RFC2385 (TCP MD5 protection for BGP) addresses most of the issues, at least
on a peer-to-peer basis, and has been out for a decade.  There's a discussion
of the issues in RFC5123.



[Attachment #5 (application/pgp-signature)]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic