At 16:15 20-02-2013, Vernon Schryver wrote:
http://www.cloudshield.com/applications/dns-truth-about-dnssec.asp
On the other hand, this statement in that document might suggest
confusion about DNSSEC:
Even if DNSSEC were deployed broadly, it still would not ensure
that DNS for a domain could not be misdirected. This is because
DNSSEC does nothing to ensure that the listed authoritative name
server for a domain name is one that is legitimately controlled
by the owner of the domain name.
Or maybe the definition of "legitimately controlled" is unrelated to
delegations from parent domains.
Or maybe he is thinking of regimes in which the bad guys control
the root trust anchors on all computers.
I read it as meaning that listed authoritative name server is changed
by someone else through the "web panel".
Regards,
-sm
_______________________________________________
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
