Dear list, We've taken notice of this problem and will be taken it up. There's also been some contact about with needs following up from our side. Fixes will be included as soon as possible.
However there is a more general point about potential vunerabilities. Most installations will either not connect OpenDNSSEC directly to the internet or connect it behind a firewall, to let trusted parties (like slave servers) access it, but not every party on the internet. This makes OpenDNSSEC less sensitive to as an attack vector. OpenDNSSEC cannot function as a full DNS master server (is does not have the functionality to be a full authoratative master. So it isn't providing a public service (yet). It is intended to be a hidden master. We want to fix any problems, mostly because we're more worried about unintended loss of service, rather than a deliberate attack. With kind regards, Berry van Halderen _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
