Dear DNSOP community,
I would like to introduce an informational draft by Forescout Research Labs. The
draft discusses common implementation flaws in DNS clients that lead to security
vulnerabilities. This draft stems from a set of vulnerabilities found during our
research
(https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/).
Initially we planned this as an Independent Stream submission, but Mr. Farrel
(the Editor)
suggested that posting here may be more appropriate.
We would appreciate any feedback, the draft be found here:
https://datatracker.ietf.org/doc/draft-dashevskyi-dnsrr-antipatterns/
We would also like to take this opportunity to ask you some questions:
- What else could we say in this draft that would be of value?
- Are there any additional vulnerabilities relevant to this draft
that can be added?
- What should be done with this draft? (e.g., should it remain as an
Independent Stream publication?)
Kind regards,
Stanislav Dashevskyi
Researcher
Forescout Technologies, Inc.
[email protected]<mailto:[email protected]>
www.forescout.com<http://www.forescout.com/>
WARNING - CONFIDENTIAL INFORMATION:
________________________________
The information contained in the e-mail may contain confidential and privileged
information and is intended solely for the use of the intended recipient(s).
Access for any review, re-transmission, dissemination or other use of, or
taking of any action in regard and reliance upon this e-mail by persons or
entities other than the intended recipient(s) is unauthorized and prohibited.
If you are not the intended recipient, please contact the sender by reply
e-mail and destroy all copies of the original message and any attachments.
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
