[dns-operations] GSLB options?
Florian Weimer
fweimer at bfk.de
Thu Oct 29 09:56:10 UTC 2009
* Michael Sinatra:
> Have any of the GSLB implementations been able to implement DNSSEC or is
> it on the roadmap? Considering that they selectively return different A
> records for queries and those answers typically have very low ttls, such
> RRs are arguably more susceptible to various cache-poisoning methods.
Most DNS resolvers are vulnerable to DNS spoofing all the time, not
just when the TTL expires.
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the dns-operations
mailing list