Re: DNSSEC is NOT secure end to end

ietf

Re: DNSSEC is NOT secure end to end

2009-06-05 12:07:17

Ohta-san,

On Fri, 2009-06-05 at 21:32 +0900, Masataka Ohta wrote:

I mention transport security merely because it is still required
with DNSSEC, because administrative security of DNSSEC is
cryptographically weak.


I think we all understand that it is possible to inject bad data into
the DNS at the parent.

What I do not understand about this comment is how transport security
can help in that case. Can you please explain?

Thanks,

--
Shane

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: DNSSEC is NOT secure end to end (more tutorial than debating), (continued) Re: DNSSEC is NOT secure end to end (more tutorial than debating), Mark Andrews Re: DNSSEC is NOT secure end to end (more tutorial than debating), Michael StJohns Re: DNSSEC is NOT secure end to end (more tutorial than debating), Mark Andrews Re: DNSSEC is NOT secure end to end (more tutorial than debating), Masataka Ohta Re: DNSSEC is NOT secure end to end (more tutorial than debating), Andrew Sullivan Re: DNSSEC is NOT secure end to end (more tutorial than debating), Masataka Ohta Re: DNSSEC is NOT secure end to end (more tutorial than debating), Mark Andrews Re: DNSSEC is NOT secure end to end (more tutorial than debating), Masataka Ohta DNSSEC was never designed for transport end to end security, Bill Manning DNSSEC is NOT secure end to end, Masataka Ohta Re: DNSSEC is NOT secure end to end, Shane Kerr <= Re: DNSSEC is NOT secure end to end, Masataka Ohta Re: DNSSEC is NOT secure end to end, Shane Kerr Re: DNSSEC is NOT secure end to end, Masataka Ohta Re: DNSSEC is NOT secure end to end, Shane Kerr Re: DNSSEC is NOT secure end to end, Masataka Ohta Re: [Asrg] DNSSEC is NOT secure end to end, Paul Wouters Re: DNSSEC is NOT secure end to end, Masataka Ohta Re: DNSSEC is NOT secure end to end, Bill Manning Re: [Asrg] DNSSEC is NOT secure end to end, Masataka Ohta Re: DNSSEC is NOT secure end to end, Marc Manthey

Previous by Date:	Re: [OSPF] Last Call: draft-ietf-ospf-dynamic-hostname (Dynamic Hostname Exchange Mechanism for OSPF) to Proposed Standard, Mitchell Erblich
Next by Date:	Re: DNSSEC is NOT secure end to end, Shane Kerr
Previous by Thread:	DNSSEC is NOT secure end to end, Masataka Ohta
Next by Thread:	Re: DNSSEC is NOT secure end to end, Masataka Ohta
Indexes:	[Date] [Thread] [Top] [All Lists]