how much more money, brains, and time are we going to collectively waste on dns (so, a WOMBAT) to solve the problems dnssec solves, rather than just deploying dnssec? i understood why, during the 2008 summer of fear, we had to focus our efforts on source port randomization. but it's 2013 now. unless someone finds a fragmentation-based attack that works on dnssec, then i think we can safely tell anyone who is worried that their authority data or recursive server is vulnerable to fragmentation-based attacks, that they ought to just deploy dnssec. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
- Re: [dns-operations] DNS Attack over UDP frag... Ondřej Surý
- Re: [dns-operations] DNS Attack over UDP ... Paul Ferguson
- Re: [dns-operations] DNS Attack over UDP frag... Ondřej Surý
- Re: [dns-operations] DNS Attack over UDP ... Jim Reid
- Re: [dns-operations] DNS Attack over ... Ondřej Surý
- Re: [dns-operations] DNS Attack over UDP fragmentation Ondřej Surý
- Re: [dns-operations] DNS Attack over UDP fragment... Jelte Jansen
- Re: [dns-operations] DNS Attack over UDP frag... kato
- Re: [dns-operations] DNS Attack over UDP ... Francis Dupont
- Re: [dns-operations] DNS Attack over ... Jaroslav Benkovský
- Re: [dns-operations] DNS Attack ... Paul Vixie
- Re: [dns-operations] DNS Attack ... ondrej . sury
- Re: [dns-operations] DNS Attack ... Paul Vixie
- Re: [dns-operations] DNS Attack ... Randy Bush
- Re: [dns-operations] DNS Attack ... Dan York
- Re: [dns-operations] DNS Attack ... Stephane Bortzmeyer
- Re: [dns-operations] DNS Attack ... Randy Bush
- Re: [dns-operations] DNS Attack ... Florian Weimer
- Re: [dns-operations] DNS Attack ... Paul Vixie
- Re: [dns-operations] DNS Attack ... Stephane Bortzmeyer
- Re: [dns-operations] DNS Attack ... Paul Vixie
