Re: NATs *ARE* evil!

On Mon, 18 Dec 2000 22:54:47 EST, "Donald E. Eastlake 3rd" 
<dee3(_at_)torque(_dot_)pothole(_dot_)com>  said:

If DNSSEC were deployed, I see no reason why SAs could not be
bound to domain names.


I admit to not having read the DNSSEC RFCs.  I however do hope that they
are immune to the same sort of attacks against SSL and SSHv1 that are currently
getting a lot of publicity.

Anybody got a pointer to where in the RFC it discusses how the resolver on
my workstation initially verifies that it's not being man-in-the-middle'ed
from a spoof of our local nameserver?
-- 
                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech

pgp3dnmBowmOu.pgp
Description: PGP signature

<Prev in Thread]	Current Thread	[Next in Thread>
*RE: NATs ARE* evil!*, (continued)* *RE: NATs ARE* evil!*, Iliff, Tina* *RE: NATs ARE* evil!*, David Higginbotham* *RE: NATs ARE* evil!*, Chris Millikin* *RE: NATs ARE* evil!*, Sean Doran* *Re: NATs ARE* evil!*, Keith Moore* *Re: NATs ARE* evil!*, Theodore Y. Ts'o* *Re: NATs ARE* evil!*, John Collis* *Re: NATs ARE* evil!*, RJ Atkinson* *RE: NATs ARE* evil!*, RJ Atkinson* *Re: NATs ARE* evil!*, Donald E. Eastlake 3rd* *Re: NATs ARE* evil!*, Valdis . Kletnieks* <= *Re: NATs ARE* evil!*, Donald E. Eastlake 3rd* *Re: NATs ARE* evil!*, Theodore Y. Ts'o* *Re: NATs ARE* evil!*, Ken Raeburn* *Re: NATs ARE* evil!*, Theodore Y. Ts'o* *Re: NATs ARE* evil!*, Keith Moore* *Re: NATs ARE* evil!*, V Guruprasad* *Re: NATs ARE* evil!*, Jon Knight* *Re: NATs ARE* evil!*, V Guruprasad* *Re: NATs ARE* evil!*, John Stracke* Message not available Message not available *Re: NATs ARE* evil!*, V Guruprasad*

Previous by Date:	Re: What is the IETF? -- A note of caution, Michael W. Condry
Next by Date:	RE: 49th-IETF conf room planning, Tripp Lilley
Previous by Thread:	*Re: NATs ARE* evil!*, Donald E. Eastlake 3rd*
Next by Thread:	*Re: NATs ARE* evil!*, Donald E. Eastlake 3rd*
Indexes:	[Date] [Thread] [Top] [All Lists]