The worst thing about the exploit -- Have you done your part?
Alan Clegg
Alan_Clegg at isc.org
Sat Jul 26 15:41:10 UTC 2008
Ben Croswell wrote:
> I also see a lot of people calling for DNSSEC to fix the underlying
> issue, but unless I am mistaken DNSSEC won't fix the issue unless we
> have close to 100% adoption rate.
I'm using DLV to do DNSSEC validation right now, as are all the queries
of my upstream ISP.
I have a bunch of domains that you can validate using DNSSEC including
'clegg.com'.
See another presentation of mine here: http://alan.clegg.com/dnssec for
information on deploying DNSSEC in your environment TODAY!
Yes, there needs to be more infrastructure work done to get it deployed
globally, but why not begin the deployment at the (grass) roots?
AlanC
More information about the bind-users
mailing list