[dns-operations] Spoofing DNS with fragments

Volker Janzen voja at voja.de
Tue Sep 11 10:10:25 UTC 2018


> Note that as long as one CA does not validate, DNSSEC is not a
> sufficient defense, you need DANE as well (otherwise the attacker will
> go to another CA).

or CAA records.

Kind regards,

More information about the dns-operations mailing list