KEYDIST mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: sommerfeld@orchard.arlington.ma.us
cc: Keith Moore <moore@cs.utk.edu>, RJ Atkinson <rja@extremenetworks.com>, keydist@cafax.se
From: Keith Moore <moore@cs.utk.edu>
Date: Tue, 26 Mar 2002 15:46:11 -0500
In-reply-to: (Your message of "Tue, 26 Mar 2002 15:40:58 EST.") <20020326204103.CA8512A4E@orchard.arlington.ma.us>
Sender: owner-keydist@cafax.se
Subject: Re: My take on the BoF session

> So, when DNSSEC is involved, this attack needs to happen prior to zone
> signing -- i.e., the "registration" end needs to be attacked, not
> merely the data present on a particular secondary server.

perhaps that's also a threat, but I'm thinking of attacks where a 
higher-level zone betrays the trust that is placed in it,
either because the zone administrator willing facilitates the attack,
or because the zone private key is compromised.

Keith

References:
- Re: My take on the BoF session
  - From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>

Prev by Date: Re: My take on the BoF session
Next by Date: Re: My take on the BoF session
Prev by thread: Re: My take on the BoF session
Next by thread: Re: My take on the BoF session
Index(es):
- Date
- Thread

Home | Date list | Subject list