nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Verisign brain damage and DNSSec.....Was:Re: What *are* they smoking?

From: "Eric Germann" <ekgermann () cctec com>
Date: Tue, 16 Sep 2003 18:10:34 -0400
Re: Verisign brain damage and DNSSec.....Was:Re: What *are* they smoking?And
whats to say they don't get around our methods of blacklisting it by
changing the IP around every zone update?

  -----Original Message-----
  From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
Valdis.Kletnieks () vt edu
  Sent: Tuesday, September 16, 2003 2:18 PM
  To: bmanning () karoshi com
  Cc: bownes () web9 com; gmaxwell () martin fl us; haesu () towardex com;
marius () marius org; nanog () merit edu
  Subject: Re: Verisign brain damage and DNSSec.....Was:Re: What *are* they
smoking?


  On Tue, 16 Sep 2003 11:08:11 PDT, bmanning () karoshi com said:
  > > On Tue, 16 Sep 2003 09:59:40 PDT, bmanning () karoshi com said:

  >       thats one aspect yes.  the valdiation chain should tell
  >       you who signed the delegations.  It won't lie.
  >       you will know that V'sign put that data there.

  How frikking many hacks will we need to BIND9 to work around this
braindamage?
  One to stuff back in the NXDomain if the A record points there, another to
  do something with make-believe DNSsec from them..... What's next?
Previous By Date Next
Previous By Thread Next

Current thread: