[as112-ops] DNSSEC?
Nick Hilliard
nick at inex.ie
Wed Jan 13 12:54:49 UTC 2010
On 13/01/2010 12:46, Joe Abley wrote:
> I think it's clear that DNSSEC doesn't provide any additional techniques
> in this area, although I suppose you could make the argument that it's
> easier to find a query that will cause good amplification. It's not hard
> without DNSSEC though, so it's not clear to me that the bar for
> launching an attack is lowered in any practical sense.
There's nothing new or revolutionary here. It's just the amplification
factor of 30x which is cause for concern.
Nick
More information about the as112-ops
mailing list