nanog mailing list archives
Re: Exploit for DNS Cache Poisoning - RELEASED
From: David Conrad <drc () virtualized org>
Date: Thu, 24 Jul 2008 17:43:10 -0700
On Jul 24, 2008, at 4:24 PM, Tomas L. Byrnes wrote:
The problem is, once the ICANNt root is self-signed, the hope of ever revoking that dysfunctional mess as authority is gone.
Sorry, I don't follow -- sounds like FUD to me. Care to explain this?As far as I'm aware, as long as the KSK isn't compromised, changing the organization who holds the KSK simply means waiting until the next KSK rollover and have somebody else do the signing.
Perhaps the IETF
You mean oh say IANA?
or DoC
That'll be popular in the international community.
should sign the root, that way we have a prayer of wresting control from ICANN, as opposed to paying a tax, in
perpetuity, for registration services to an unaccountable, unelected, and imperious body?
Registration fees are unrelated to signing the root, but thanks for the gratuitous ICANN bashing. It was missing in this thread -- I was wondering when it would show up.
Some of us don't think the UN/EU/ITU are good models for governance.
Indeed.
IE: Separation of powers. ICANN/IANA is granted (interim) authority to operate, but some other governing body signs.
So you want to increase the role ICANN/IANA has in root zone management. Interesting.
Regards, -drc
Current thread:
- Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning- RELEASED, (continued)
- Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning- RELEASED Steven M. Bellovin (Jul 24)
- Re: TLD servers with recursion was Re: Exploit for DNS Cache Poisoning - Paul Vixie (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Paul Ferguson (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED Jorge Amodio (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Steven M. Bellovin (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Jorge Amodio (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Paul Vixie (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Paul Vixie (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Eric Brunner-Williams (Jul 24)
- RE: Exploit for DNS Cache Poisoning - RELEASED Tomas L. Byrnes (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED David Conrad (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Valdis . Kletnieks (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED David Conrad (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Alexander Harrowell (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Paul Vixie (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Pete Carah (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Graeme Fowler (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Graeme Fowler (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Jorge Amodio (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Florian Weimer (Jul 26)
- RE: Exploit for DNS Cache Poisoning - RELEASED Tomas L. Byrnes (Jul 25)
- Re: Exploit for DNS Cache Poisoning - RELEASED Paul Vixie (Jul 24)