On April 11, 2014 at 11:44 [email protected] (Doug Barton) wrote:
> On 04/11/2014 11:35 AM, Barry Shein wrote:
> > So, DNSSEC is also compromised by this heartbleed bug, right?
>
> There is nothing in the DNSSEC protocol that requires the Heartbeat
> functionality. However whether a specific implementation of DNS software
> is vulnerable or not depends on how it's compiled. I would expect that
> most would not be. ISC for example just released a statement that BIND
> is not:
>
> https://lists.isc.org/pipermail/bind-users/2014-April/092944.html
Cool, good news.
--
-Barry Shein
The World | [email protected] | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada
Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
