[dns-operations] Spoofing DNS with fragments
Florian Weimer
fweimer at redhat.com
Wed Sep 12 15:00:16 UTC 2018
On 09/12/2018 12:50 AM, Mark Andrews wrote:
> TSIG with a well known key doesn’t require a flag day.
I'm worried that using TSIG will require a flag day eventually, just
like EDNS.
The buffer size hack, combined with kernel assistance on some systems,
looks much more promising, and it only requires fixing the authoritative
server side, too.
Thanks,
Florian
More information about the dns-operations
mailing list