[dns-operations] summary of recent vulnerabilities in DNS security.
Michele Neylon - Blacknight
michele at blacknight.com
Tue Oct 22 20:06:38 UTC 2013
On 22 Oct 2013, at 20:28, Jared Mauch <jared at puck.nether.net>
> It's difficult because there is not universal support amongst registrars. Once again the wheel gets stuck when the technical side meets the business side.
It's not entirely "business" that causes the issues ..
Registry operators do not have a consistent or uniform way of implementing DNSSEC, which makes integration more complex for registrars.
If, as a registrar, we only offered .com then it would be one thing, but that's not the case ..
> Before someone says "switch registrar", it's usually not that easy and then becomes something resembling a full time project vs "just throwing a switch".
> Edit a zone file vs "edit, run a script, upload some keys, roll some keys, do some other magic" is harder than edit a zone file.
> This runs into the same friction issue that using PGP and other tools encounter. It seems simple enough to most folks, but when you add in someone less-technical, it goes off the rails quickly. I can't count the number of times someone emailed me their full keyring or private key when they meant public. It's not as easy as you think it is.
> - Jared
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> dns-jobs mailing list
Mr Michele Neylon
Blacknight Solutions ♞
Hosting & Domains
ICANN Accredited Registrar
Intl. +353 (0) 59 9183072
Locall: 1850 929 929
Direct Dial: +353 (0)59 9183090
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland Company No.: 370845
More information about the dns-operations