nanog mailing list archives

Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)

From: Chris Adams <cmadams () hiwaay net>
Date: Thu, 24 Jul 2008 08:02:51 -0500

Once upon a time, Robert Kisteleki <robert () ripe net> said:

I understand this is a huge can of worms, but maybe it's time to change the 
default behavior of browsers from http to https...?


This is a _DNS_ vulnerability.  The Internet is more than HTTP(S).

Think about email (how many MTAs do TLS and validate the certs?).  Even
things like BitTorrent require valid DNS (how about MPAA/RIAA poisoning
the cache for thepiratebay?).

-- 
Chris Adams <cmadams () hiwaay net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

Current thread:

Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED), (continued)
- - - Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Steven M. Bellovin (Jul 24)
    - Re: https Sam Stickland (Jul 24)
    - Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Jeffrey Ollie (Jul 24)
    - Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Hank Nussbacher (Jul 24)
    - Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Jim Popovitch (Jul 24)
    - Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Matthew Petach (Jul 25)
    - Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Jim Popovitch (Jul 25)
    - Re: https Patrick Giagnocavo (Jul 31)
    - Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Jasper Bryant-Greene (Jul 24)
    - Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) William Pitcock (Jul 24)
    - Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Chris Adams (Jul 24)
    - Re: https Ken A (Jul 24)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Tuc at T-B-O-H.NET (Jul 23)
    - Re: Software router state of the art Petri Helenius (Jul 26)
    - Re: Software router state of the art William Herrin (Jul 26)
    - Re: Software router state of the art Florian Weimer (Jul 26)
    - Re: Software router state of the art Petri Helenius (Jul 26)
    - Re: Software router state of the art Florian Weimer (Jul 26)
  - Re: Software router state of the art Joel Jaeggli (Jul 23)
- Re: Software router state of the art Andrew D Kirch (Jul 26)
  - Re: Software router state of the art Chris Adams (Jul 26)

(Thread continues...)