[dns-operations] Another whitepaper on DDOS

Tony Finch dot at dotat.at
Tue Feb 26 19:45:11 UTC 2013

Vernon Schryver <vjs at rhyolite.com> wrote:
> > From: Tony Finch <dot at dotat.at>
> >
> > In addition to vjs's points, note that DNSSEC makes theft of a domain
> > even more visible because it is likely to cause horrible breakage for
> > validating users.
> I didn't mention those alarms, because I assumed the domain was
> stolen at the registrar or in the registry so that glue and DS
> records would be corrected by the adversary.

I assumed that too :-) It's a common problem (see Educause recently...)

The problem occurs because it is likely for caches to contain different
parts of the validation chain (DS from parent, DNSKEYs and RRSIGs from
child) from before and after the hack.

f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.

More information about the dns-operations mailing list