[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers
Tony Finch
dot at dotat.at
Wed May 21 16:26:15 UTC 2008
On Wed, 21 May 2008, Edward Lewis wrote:
>
> Assuming that the change of an address is a rare event, we measure
> the the "mean time between events" in years (not months). This time
> will likely be longer than the lifetime of any public key with the
> importance of "protecting" the root zone or root hints.
I'm not sure that's right. The lifetime of X.509 certificates embedded in
browsers is very long - 25 years for Thawte, 30-40 years for Verisign,
etc.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
HEBRIDES: EAST OR SOUTHEAST 5 TO 7. MODERATE OR ROUGH. RAIN. MODERATE OR GOOD.
More information about the dns-operations
mailing list