ICANN/GNSO GNSO Email List Archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

[ga] What are ICANN and VeriSign doing regarding CERT Advisory #800113 / DNS Cache Poisoning?

  • To: ga@xxxxxxxxxxxxxx
  • Subject: [ga] What are ICANN and VeriSign doing regarding CERT Advisory #800113 / DNS Cache Poisoning?
  • From: George Kirikos <gkirikos@xxxxxxxxx>
  • Date: Tue, 15 Jul 2008 16:07:04 -0700 (PDT)

Hello,

ICANN and VeriSign have been oddly quiet over the entire DNS cache
poisoning issue:

http://www.kb.cert.org/vuls/id/800113
http://www.circleid.com/posts/87143_dns_not_a_guessing_game/
http://it.slashdot.org/article.pl?sid=08/07/08/195225&tid=172

PIR has a pending proposal to implement DNSSEC for .org:

http://www.icann.org/registries/rsep/

Is that something that VeriSign has plans to accelerate for the
important .com and .net registries, in order to prevent a long-term
meltdown in DNS confidence/trust should DNS cache poisoning become
widespread in August and beyond?

No need for a "formal" press release, but I think the community
deserves to know that people are working on the long-term solution to
this problem, and making it a higher priority relative to other lesser
issues.

Point #14 in the latest policy newsletter appears to be the only "hint"
that a few people are working on things:

http://www.icann.org/topics/policy/update-jul08.htm#14

Hopefully something will happen before Cairo, as by then there might be
widespread disruptions to the internet. Perhaps the Board might want to
consider an early special meeting this week or next:

http://www.icann.org/minutes/

instead of waiting until July 31st, in conjunction with the SSAC.

Sincerely,

George Kirikos
http://www.kirikos.com/




<<< Chronological Index >>>    <<< Thread Index >>>