>However, we in the security circles don't need to spread the 
>"Kaminsky finds" meme.

Quite right.  Paul Vixie mentioned it in 1995, Dan Bernstein started
distributing versions of dnscache with randomized port and sequence
numbers in 2001.

>The take-away here is not that "Dan didn't discover the problem", but
>"Dan got it fixed". An alternate take-away is that IETF BCPs don't
>make nearly as much difference as a diligent security expert with a
>good name.

I suppose 13 years is kind of a long time, but better late than never.
It would be modestly interesting to learn what is different now that
motivated him to get people to fix it.


R's,
John

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to