[dns-operations] CERT VU#800113 Multiple DNS implementations vulnerable to cache poisoning

Randy Bush randy at psg.com
Thu Jul 10 05:30:38 UTC 2008

>> http://www.icann.org/committees/security/sac004.txt
> I don't think any sane person disagrees that BCP38 is vital.

bcp38 is useful but not vital.  we do not suffer serious spoofing
attacks despite years of fud about it.  and it is not really critical to
this particular vulnerability.  but it sure is religion for some people.

but you already knew i was not sane.


More information about the dns-operations mailing list