/dane/
Regards,
Dan
P.S. Thanks, Paul, for pointing out the CA vs EE cert point. In some quick
thoughts about this scenario I hadn't recalled the issue with pinning only
the CA.
--
Dan York
Senior Content Strategist, Internet Society
y...@isoc.org <mailto:y...@isoc.org> +1-802-7
On 11/25/13 11:18 AM, "Dan York" wrote:
>On 11/25/13 5:17 AM, "Ondřej Surý" wrote:
>
>>Just a short notice - the RFC 882 and 883 has been published in November
>>1983, so we are celebrating 30 years of DNS this November.
>
>Excellent catch! I do agr
ed.
Interesting to try to dig that far back and see that only month info is
available. As someone else mentioned, Paul Mockapetris would be one
potential source of digging back to the actual dates.
Thanks for pointing this out,
Dan
--
Dan York
Senior Content Strategist, Internet Society
y.
Anne-Marie,
On 11/14/13 1:22 PM, "Anne-Marie Eklund-Löwinder"
wrote:
>Am I the only one who is surprised of the need for the tld plumbing?
Well, it's another TLD from Donuts, Inc., and last week brought us
.LIGHTING and .EQUIPMENT from Donuts (along with 7 others). Just looking
at the TLDs de
tlds.icann.org/en/program-status/delegated-strings nor the
ICANN DNSSEC reports - I suspect we'll see the latter in tomorrow's
reports. The list of delegated strings may be updated later today (if the
person doing that, for instance, is in the California office).
Dan
--
Dan York
Senior Cont
+cd option.
Hmmm... interesting. Perhaps some work is still needed on the operational
front there...
Dan
--
Dan York
Senior Content Strategist, Internet Society
y...@isoc.org <mailto:y...@isoc.org> +1-802-735-1624
Jabber: y...@jabber.isoc.org <mailto:y...@jabber.isoc.org&g
news release (listing the four domains):
http://www.icann.org/en/news/press/releases/release-23oct13-en
So yes, it's begun.
Dan
--
Dan York
Senior Content Strategist, Internet Society
y...@isoc.org <mailto:y...@isoc.org> +1-802-735-1624
Jabber: y...@jabber.isoc.org <mailto:y...@j
thought it would be useful to create a
>"typical" use case and see if X converged in a community such as this.
>
>It didn't. That's a useful data point for people creating other protocols
>who have to listen to commenters who say where resolvers need to be.
Thanks
Marco,
On 10/10/13 12:07 PM, "Marco Davids (SIDN)" wrote:
>On 10/10/13 5:43 PM, Dan York wrote:
>
>> there's nothing that DNSSEC or anything else could have done here
>
>Not entirely true. Some form of domain-locking might have helped. For
>instance, we of
ng that DNSSEC or anything
else could have done here as the attackers are gaining full access to the
domain registrants DNS records and can modify them as they wish.
Dan
--
Dan York
Senior Content Strategist, Internet Society
y...@isoc.org <mailto:y...@isoc.org> +1-802-735-1624
Jabber: y...@ja
d how severe it
may be and whether or not it would be prevented by full deployment of
DNSSEC. If it can be shown that this is a very real issue that DNSSEC
could prevent, there is suddenly another really good argument that can be
used to strongly encourage operators and enterprises to deploy DNSSEC
attended the SAAG session, listened to the presentation and read through
the materials with great interest. I left, though, not really sure I could
understand how real of a threat this is in actual deployments. I would
certainly welcome PoC code that could help shed light on the severity of
the issu
-records-of-twitter-new-york-times-through-registrar-melboune-it/
The CloudFlare and TechCrunch articles both include a statement from Melbourne
IT, the registrar for the affected domain names, that indicates there was a
compromise at their site.
Dan
--
Dan York
Senior Content Strategist, Internet
ious groups here:
http://www.internetsociety.org/deploy360/about/bcop/
Working with one of those groups might be a way to move a document
forward. Or creating a repository of DNS-related BCOPs might be a great
role that DNS-OARC could play.
Regards,
Dan
--
Dan York
Senior Content Strategist, Internet
d it to our list?
It is great that you are doing this DANE/DNSSEC work for Exim and Postfix.
If I can help publicize your work (or your call for people to help)
please let me know. I'm here to help in whatever way toward accelerating
the deployment of DNSSEC (and thereby DANE).
Regards,
Dan
15 matches
Mail list logo
