Thread: DNSSEC on all root servers
View Single Post
  #1   (View Single Post)  
Old 6th May 2010
J65nko J65nko is offline
Administrator
  
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,132
Default DNSSEC on all root servers
From http://www.h-online.com/security/new...rs-994744.html

Quote:
Yesterday (Wednesday) the last of the 13 authoritative root servers for the domain name system switched over to the DNS Security Extensions (DNSSEC) security protocol. DNSSEC is intended to prevent DNS exploits such as cache poisoning. All 13 root servers are now serving a signed version of the root zone. However, it is not possible to validate these signatures at present as the public key remains undisclosed. This precautionary measure is intended to ensure that for the time being it remains possible to switch back to an unsigned root zone, should the need arise.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote