[dns-operations] A funny DNS vulnerability

Mark Andrews marka at isc.org
Fri May 9 15:28:20 UTC 2014


The IETF creates a multiple methods to update DNS securely and they
choose to use something else.  It's not like it was new technology
when they were setting up the service.

Domain Name:MYFOSCAM.ORG
Domain ID: D165859065-LROR
Creation Date: 2012-06-19T05:33:11Z
Updated Date: 2012-08-19T03:52:48Z

SIG(0) would have been fine for this.  How hard would it to have
been to generate a RSA key pair and put the private part on the
camera and the public part on the server?

Mark

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the dns-operations mailing list