> Regarding the latter, just because a client receives an "incorrect
> answer" doesn't necessarily mean it's what the server ("i-root") was
> transmitting.
>
>
Ah. Yes, this is _very_ true. Any point along the network path could have
been hijacking or corrupting i-root traffic. Heck, with sufficiently
malicious BGP traffic, the attacker wouldn't even need to be on path.
I think I'm simply going to reserve all judgement until the post-mortem.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
