From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <4B57048D.6040002@maht0x0r.net> References: <4B57048D.6040002@maht0x0r.net> Date: Sat, 23 Jan 2010 15:59:05 -0800 Message-ID: <4f34febc1001231559s3ffb6037o2a193bf4689b961@mail.gmail.com> From: John Barham To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: text/plain; charset=ISO-8859-1 Subject: Re: [9fans] Are we ready for DNSSEC ? Topicbox-Message-UUID: c589b0cc-ead5-11e9-9d60-3106f5b1d025 > By the end of May, all the root servers should be running DNSSEC > > http://royal.pingdom.com/2010/01/19/the-internet-is-about-to-get-a-lot-safer/ > > Is Plan9 ready for such a move? Reading what D. J. Bernstein has to say about DNSSEC is always fun. See e.g. this paper http://cr.yp.to/talks/2009.08.10/slides.pdf about abusing DNSSEC to launch denial of service attacks. He has also proposed an alternative to DNSSEC, http://dnscurve.org/.