>However, we in the security circles don't need to spread the 
>"Kaminsky finds" meme.

Quite right.  Paul Vixie mentioned it in 1995, Dan Bernstein started
distributing versions of dnscache with randomized port and sequence
numbers in 2001.

>The take-away here is not that "Dan didn't discover the problem", but
>"Dan got it fixed". An alternate take-away is that IETF BCPs don't
>make nearly as much difference as a diligent security expert with a
>good name.

I suppose 13 years is kind of a long time, but better late than never.
It would be modestly interesting to learn what is different now that
motivated him to get people to fix it.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to