[dns-operations] summary of recent vulnerabilities in DNS security.
Paul Vixie
paul at redbarn.org
Mon Oct 21 04:52:23 UTC 2013
Vernon Schryver wrote:
> ... I think [Haya Shulman's] work shows that port randomization is like RRL, a lame kludge of a mess that is better than nothing but not even a distant second choice to actually fixing the problem.
yea, verily.
> ...
> P.S. I'm licensed by http://ss.vix.su/~vixie/isc-tn-2012-1.txt and
> http://ss.vix.su/~vjs/rrlrpz.html to criticize RRL.
yea, verily.
> P.P.S. I've often heard Paul say much the same thing about RRL being a bad idea except compared the alternative of ignoring the consequences of everyone else's failure to deploy BCP 38.
yea, verily.
vixie
More information about the dns-operations
mailing list