its hard to distinguish an implementation error and a DNS protocol error, so
yes, it might
be a very good idea to triage your failures properly.
/bill
On Sat, Oct 26, 2013 at 01:28:10AM +0200, Hosnieh Rafiee wrote:
Hi Bill,
Thanks for your message.
are your new collection, DNS
are your new collection, DNS vulnerabilities, configuration mistakes, or
implementation faults?
/bill
On Sat, Oct 26, 2013 at 01:16:29AM +0200, Hosnieh Rafiee wrote:
Hello,
I have gathered some vulnerabilities in the current DNS security approaches
such as DNSSEC and etc. We think it
Thank you again, Bill.
it's hard to distinguish an implementation error and a DNS protocol
error, so
yes, it might be a very good idea to triage your failures properly.
Yes I guess it's really a good comment to consider in this work.
@list: Any other ideas?
---smile--
Hosnieh Rafiee wrote:
I have gathered some vulnerabilities in the current DNS security approaches
such as DNSSEC and etc. We think it is useful to have a survey of existing
vulnerabilities or any new vulnerabilities so that we can address those
issues in other standard RFC. This is why we
On 26 Oct 2013, at 12:59, Masataka Ohta mo...@necom830.hpcl.titech.ac.jp
wrote:
a serious vulnerability of, so called, DNSSEC is lack of secure time.
some security novices innocently believed GPS time were automagically secure.
That is, so far, there is no way to have really secure DNSSEC.
On Sat, Oct 26, 2013 at 01:11:26PM +0100, Jim Reid wrote:
On 26 Oct 2013, at 12:59, Masataka Ohta mo...@necom830.hpcl.titech.ac.jp
wrote:
a serious vulnerability of, so called, DNSSEC is lack of secure time.
some security novices innocently believed GPS time were automagically
secure.
On Oct 26, 2013, at 8:11 AM, Jim Reid j...@rfc1035.com wrote:
If good timekeeping matters so much to DNSSEC, there are plenty of sources of
reliable time. For most people, NTP will be good enough. The paranoid might
choose Secure NTP. The really paranoid will have multiple time sources other
In message 526baeae.6080...@necom830.hpcl.titech.ac.jp, Masataka Ohta writes:
Hosnieh Rafiee wrote:
I have gathered some vulnerabilities in the current DNS security approaches
such as DNSSEC and etc. We think it is useful to have a survey of existing
vulnerabilities or any new
Jim Reid wrote:
a serious vulnerability of, so called, DNSSEC is lack of secure time.
some security novices innocently believed GPS time were automagically secure.
That is, so far, there is no way to have really secure DNSSEC.
Rubbish!
If good timekeeping matters so much to DNSSEC, there