nanog mailing list archives
Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu)
From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Thu, 9 Dec 2021 00:33:46 +0900
Ca By wrote:
It’s quite common for DNSSEC to fail at spectacular scale
What’s uncommon? Attacks that DNSSEC is intended to solve.
DNSSEC is considered harmful on the internet
Correct.
The problem is that PKI, in general, does not offer cryptographic
security but just assumes intelligent intermediate entities of CAs,
which are called trusted third parties, are trustworthy, which
is improper social, not cryptographic, assumption as was demonstrated
by a compromised CA of diginotar about 10 years ago.
https://en.wikipedia.org/wiki/DigiNotar
Masataka Ohta
Current thread:
- Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Laura Smith via NANOG (Dec 08)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Marco Davids (Private) via NANOG (Dec 08)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Arne Jensen (Dec 08)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Niels Bakker (Dec 08)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Ca By (Dec 08)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Masataka Ohta (Dec 08)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Arne Jensen (Dec 09)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Ca By (Dec 09)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Francis Booth via NANOG (Dec 09)
- RE: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Jean St-Laurent via NANOG (Dec 09)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Ca By (Dec 09)
- RE: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Jean St-Laurent via NANOG (Dec 09)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Arne Jensen (Dec 08)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Marco Davids (Private) via NANOG (Dec 08)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Nick Hilliard (Dec 09)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Mark Andrews (Dec 09)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Masataka Ohta (Dec 10)
- Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu) Masataka Ohta (Dec 08)