nanog mailing list archives
Re: DNSSEC?
From: Doug Barton <dougb () dougbarton us>
Date: Fri, 11 Apr 2014 11:44:45 -0700
On 04/11/2014 11:35 AM, Barry Shein wrote:
So, DNSSEC is also compromised by this heartbleed bug, right?
There is nothing in the DNSSEC protocol that requires the Heartbeat functionality. However whether a specific implementation of DNS software is vulnerable or not depends on how it's compiled. I would expect that most would not be. ISC for example just released a statement that BIND is not:
https://lists.isc.org/pipermail/bind-users/2014-April/092944.html hth, Doug
Current thread:
- DNSSEC? Barry Shein (Apr 11)
- Re: DNSSEC? Doug Barton (Apr 11)
- Re: DNSSEC? Barry Shein (Apr 11)
- Re: DNSSEC? Christopher Morrow (Apr 11)
- Re: DNSSEC? Barry Shein (Apr 11)
- Re: DNSSEC? Bill Woodcock (Apr 11)
- Re: DNSSEC? Chris Adams (Apr 11)
- Re: DNSSEC? Carsten Bormann (Apr 11)
- Re: DNSSEC? Matt Palmer (Apr 11)
- Re: DNSSEC? Robert Drake (Apr 11)
- Re: DNSSEC? Mark Andrews (Apr 11)
- Re: DNSSEC? Jimmy Hess (Apr 11)
- Re: DNSSEC? Mark Andrews (Apr 11)
- Re: DNSSEC? Carsten Bormann (Apr 11)
- Re: DNSSEC? Doug Barton (Apr 11)