[dns-operations] .com/.net DNSSEC operational message

[Cutler James R]

On Oct 29, 2010, at 6:37 PM, George Barwood wrote:

> If the resolver validates the IP addresses of the root servers, the attack can be defeated.

Validation of an end point address for any communication or data exchange is orthogonal to validation of the communication itself.

How do I know that some BGP data has not been compromised so that my "validated" destination address is really a bad guy?


James R. Cutler
james.cutler at consultant.com