nanog mailing list archives

Re: Hey, SiteFinder is back, again...

From: Bora Akyol <bora.akyol () aprius com>
Date: Mon, 05 Nov 2007 14:13:25 -0800


Do common endpoints (Windows Vista/XP, MacOS X 10.4/5) support DNSSEC
Validation? If not, then do people have a choice?

Regards

Bora



On 11/5/07 11:54 AM, "Steven M. Bellovin" <smb () cs columbia edu> wrote:


On Mon, 5 Nov 2007 11:17:29 -0800
David Conrad <drc () virtualized org> wrote:

On Nov 5, 2007, at 8:23 AM, David Lesher wrote:

What affect will Allegedly Secure DNS have on such provider
hijackings, both of DNS and crammed-in content?


If what Verizon is doing is rewriting NXDOMAIN at their caching
servers, DNSSEC will _not_ help.  Caching servers do the validation
and the insertion of the search engine IP addresses in the response
would occur after the validation.

Depends on whether or not the endpoints delegate DNSSEC validation to
Verizon.  They don't have to.

Current thread:

Re: Hey, SiteFinder is back, again..., (continued)
- - Re: Hey, SiteFinder is back, again... Christopher Morrow (Nov 03)
    - Re: Hey, SiteFinder is back, again... Patrick W. Gilmore (Nov 04)
    - Re: Hey, SiteFinder is back, again... Jeff Kell (Nov 04)
    - Re: Hey, SiteFinder is back, again... Andrew Sullivan (Nov 05)
    - Re: Hey, SiteFinder is back, again... Phil Regnauld (Nov 05)
    - Re: Hey, SiteFinder is back, again... David Lesher (Nov 05)
    - Re: Hey, SiteFinder is back, again... David Conrad (Nov 05)
    - Re: Hey, SiteFinder is back, again... Steven M. Bellovin (Nov 05)
    - Re: Hey, SiteFinder is back, again... David Conrad (Nov 05)
    - Re: Hey, SiteFinder is back, again... Tim Wilde (Nov 05)
    - Re: Hey, SiteFinder is back, again... Bora Akyol (Nov 05)
    - Re: Hey, SiteFinder is back, again... David Conrad (Nov 05)
    - Re: Hey, SiteFinder is back, again... Eliot Lear (Nov 05)
    - Re: Hey, SiteFinder is back, again... Christopher Morrow (Nov 05)
    - Re: Hey, SiteFinder is back, again... Steven M. Bellovin (Nov 06)
    - Re: Hey, SiteFinder is back, again... Barry Shein (Nov 06)
    - Re: Hey, SiteFinder is back, again... Mark Andrews (Nov 05)
    - Re: Hey, SiteFinder is back, again... David Conrad (Nov 05)
    - Re: Hey, SiteFinder is back, again... Mark Andrews (Nov 05)
    - Re: Hey, SiteFinder is back, again... David Conrad (Nov 05)
    - Re: Hey, SiteFinder is back, again... Stephane Bortzmeyer (Nov 05)

(Thread continues...)