[clug] April 2018 CLUG Meeting
Stephen Rothwell
sfr at canb.auug.org.au
Sun Apr 29 08:04:13 UTC 2018
Hi Bob,
On Sat, 28 Apr 2018 18:57:20 +1000 Robert Edwards via linux <linux at lists.samba.org> wrote:
>
> Also, DNSSEC has it's own set of vulnerabilities to be managed. An
> interesting paper is here (there are others):
> http://www.chrismitchell.net/svidad.pdf
That paper appears not very well written and now quite old (2004).
Quite o lot of its perceived problems have been addressed (or were not
well considered). I realise that DNSSEC has issues, but it is the best
we have at the moment and does solve a lot of the security concerns with
DNS itself. It is a big indictment of current "cyber security"
measures taken in this country that DNSSEC is not required to be
implemented more widely as a step along the way. Most notable is that
gov.au is the only au zone that is not DNSSEC signed!
/me wanders off to DNSSEC sign clug.org.au :-)
--
Cheers,
Stephen Rothwell
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/linux/attachments/20180429/0e83b145/attachment.sig>
More information about the linux
mailing list