ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [DNSOP] Practical issues deploying DNSSEC into the home.

2013-09-14 08:31:09
from [Masataka Ohta] [Permanent Link] 
Dickson, Brian wrote:


In order to subvert or redirect a delegation, the TLD operator (or
registrar) would need to change the DNS server name/IP, and replace the DS
record(s).


Only to a victim to be deceived.


This would be immediately evident to the domain owner, when they query the
TLD authority (delegation) servers.


Wrong. The domain owners can't know some victims are supplied
faked data.

                                                        Masataka Ohta
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [DNSOP] Practical issues deploying DNSSEC into the home., Masataka Ohta
Next by Date:  Re: [DNSOP] Practical issues deploying DNSSEC into the home., Masataka Ohta
Previous by Thread:  Re: [DNSOP] Practical issues deploying DNSSEC into the home., Ted Lemon
Next by Thread:  Re: [DNSOP] Practical issues deploying DNSSEC into the home., Nicholas Weaver
Indexes:  [Date] [Thread] [Top] [All Lists]