<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] What are ICANN and VeriSign doing regarding CERT Advisory #800113 / DNS Cache Poisoning?
- To: ga@xxxxxxxxxxxxxx
- Subject: Re: [ga] What are ICANN and VeriSign doing regarding CERT Advisory #800113 / DNS Cache Poisoning?
- From: George Kirikos <gkirikos@xxxxxxxxx>
- Date: Wed, 6 Aug 2008 19:46:22 -0700 (PDT)
Hello,
Just to followup, ICANN sent out a news release earlier:
http://www.icann.org/en/announcements/announcement-06aug08-en.htm
It's a step in the right direction, to help educate folks. However,
there's no true "fix", as the protocol itself is broken. A move towards
DNSSEC or other secure DNS would be the only appropriate long-term
solution.
If there's ever a cyber 9/11, as Lessig discussed at:
http://news.slashdot.org/article.pl?sid=08/08/05/220229
widespread DNS cache poisoning might be one of the root causes.
I'd like to hear from VeriSign as to whether they're planning to
implement DNSSEC or a secure DNS alternative for .com/net, as PIR
intends for .org.
Sincerely,
George Kirikos
http://www.kirikos.com/
--- George Kirikos <gkirikos@xxxxxxxxx> wrote:
>
> Hello,
>
> ICANN and VeriSign have been oddly quiet over the entire DNS cache
> poisoning issue:
>
> http://www.kb.cert.org/vuls/id/800113
> http://www.circleid.com/posts/87143_dns_not_a_guessing_game/
> http://it.slashdot.org/article.pl?sid=08/07/08/195225&tid=172
>
> PIR has a pending proposal to implement DNSSEC for .org:
>
> http://www.icann.org/registries/rsep/
>
> Is that something that VeriSign has plans to accelerate for the
> important .com and .net registries, in order to prevent a long-term
> meltdown in DNS confidence/trust should DNS cache poisoning become
> widespread in August and beyond?
>
> No need for a "formal" press release, but I think the community
> deserves to know that people are working on the long-term solution to
> this problem, and making it a higher priority relative to other
> lesser
> issues.
>
> Point #14 in the latest policy newsletter appears to be the only
> "hint"
> that a few people are working on things:
>
> http://www.icann.org/topics/policy/update-jul08.htm#14
>
> Hopefully something will happen before Cairo, as by then there might
> be
> widespread disruptions to the internet. Perhaps the Board might want
> to
> consider an early special meeting this week or next:
>
> http://www.icann.org/minutes/
>
> instead of waiting until July 31st, in conjunction with the SSAC.
>
> Sincerely,
>
> George Kirikos
> http://www.kirikos.com/
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|