On April 11, 2014 at 11:44 do...@dougbarton.us (Doug Barton) wrote: > On 04/11/2014 11:35 AM, Barry Shein wrote: > > So, DNSSEC is also compromised by this heartbleed bug, right? > > There is nothing in the DNSSEC protocol that requires the Heartbeat > functionality. However whether a specific implementation of DNS software > is vulnerable or not depends on how it's compiled. I would expect that > most would not be. ISC for example just released a statement that BIND > is not: > > https://lists.isc.org/pipermail/bind-users/2014-April/092944.html
Cool, good news. -- -Barry Shein The World | b...@theworld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*