<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] the future .. DNS National Security and the ICANN clowns
- To: Joe Baptista <baptista@xxxxxxxxxxxxxx>, "ga@xxxxxxxxxxxxxx >> GA" <ga@xxxxxxxxxxxxxx>, imatx26@xxxxxxxxxxxxxx, icann-board@xxxxxxxxx
- Subject: Re: [ga] the future .. DNS National Security and the ICANN clowns
- From: "Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>
- Date: Mon, 12 Apr 2010 16:40:52 -0500 (GMT-05:00)
<HEAD>
<STYLE>body{font-family:
Geneva,Arial,Helvetica,sans-serif;font-size:10pt;font-family:arial,sans-serif;background-color:#ffffff;color:black;}p{margin:0px}</STYLE>
<META content="MSHTML 6.00.6000.16825" name=GENERATOR></HEAD>
<BODY id=compText>
<P>Dr. Joe and all,</P>
<P> </P>
<P> I agree that DNScurve would have been a better solution.
However as you know the IETF</P>
<P>was and remains cool to DNScurve. My personal thoughts as to why very,
but are mostly</P>
<P>occupied with the thought that the IETF is far less familier with DNScurve
than DNSSEC.</P>
<P>Still if implimented fully and correctly DNSSEC "Can" do the job.
However so far</P>
<P>the first attempt at DNSSEC along with weak Crypto standard SHA-2 ( 256 bit
) has</P>
<P>proven as I an other predicted to be far too weak as even ( 1024 bit ) was
broken</P>
<P>recently at the University of Michigan by some very sharp students and
announced</P>
<P>about two months ago accordingly. Perhaps NIST will upgrade the SHA-2
standard</P>
<P>to reflect the curent reality soon. I certainly hope
so.<BR><BR><BR></P>
<BLOCKQUOTE style="PADDING-LEFT: 5px; MARGIN-LEFT: 0px; BORDER-LEFT: #0000ff
2px solid">
<P>-----Original Message----- <BR>From: Joe Baptista
<BAPTISTA@xxxxxxxxxxxxxx><BR>Sent: Apr 11, 2010 8:07 AM <BR>To:
"ga@xxxxxxxxxxxxxx >> GA" <GA@xxxxxxxxxxxxxx><BR>Subject: [ga] the future
.. DNS National Security and the ICANN clowns <BR><BR>The DNS is fracturing.
It's been hijacked. Root server "I" in Beijing looks like it's still offline as
ICANN remains silent on a national security issue - or should we call it a
scandal? Washington is a buzz in DNS these days - no one knows whats going on
and <SPAN class=fn>Beckstrom</SPAN> is busy answering questions.<BR><BR>When
the Peoples Republic of China accidentally or intentionally hijacks the State
of California expect some attention.<BR><BR>We need a better solution then
ICANN. The world has become a very insecure place overnight. Now that this
attack vector is known expect it to be exploited. DNSSEC will not save the day.
It will simply provide another path to exploit.<BR><BR>DNScurve would have
prevented this from happening. But the protocol that will be shoved in our face
will be the DNSSEC make work project. DNScurve and DNSSEC can live together on
the same box. Both will provide their own version of security. But as soon as
DNScurve is adopted - expect DNSSEC to die a quick death.<BR><BR>regards<BR>joe
baptista<BR></P>
<P>Regards,<BR><BR>Jeffrey A. Williams<BR>Spokesman for INEGroup LLA. - (Over
294k members/stakeholders and growing, strong!)<BR>"Obedience of the law is the
greatest freedom" -<BR> Abraham Lincoln<BR><BR>"Credit should go
with the performance of duty and not with what is very<BR>often the accident of
glory" - Theodore Roosevelt<BR><BR>"If the probability be called P; the injury,
L; and the burden, B; liability<BR>depends upon whether B is less than L
multiplied by<BR>P: i.e., whether B is less than PL."<BR>United States v.
Carroll Towing (159 F.2d 169 [2d Cir.
1947]<BR>===============================================================<BR>Updated
1/26/04<BR>CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of<BR>Information Network Eng. INEG. INC.<BR>ABA member in good
standing member ID 01257402 E-Mail jwkckid1@xxxxxxxxxxxxx<BR>Phone:
214-244-4827<BR></P></BLOCKQUOTE></BODY>
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|