[dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
- Previous message (by thread): [dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
- Next message (by thread): [dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Max Tulyev
president at ukraine.su
Tue Feb 13 18:00:51 CET 2007
We (NetAssist, Kiev, Ukraine) did it a year ago (RIPE backresolve, .se, .ru, .net, .com as well as ISC's DLV checking). In general, I don't believe in practical usage of this implementation, because of you can do a DNS attack on the client's resolver directly. But I see significant decrease of spam after DNSSEC implementation. I believe it can happens because of wise spammers can't cheat backresolve and blacklists checks anymore. Lutz Donnerhacke wrote: > On Tue, Feb 13, 2007 at 04:18:37PM +0100, Patrik Fältström wrote: >> On 13 feb 2007, at 15.45, Lutz Donnerhacke wrote: >>> What is so great about this message? >> That a large ISP turn on verification of DNSSEC signatures in their >> resolvers with the key of a TLD as anchor. That has not happened >> before as far as I know. If I am wrong, I would like to know. > > I thought Cable and Wireless did this in December 2005. > -- WBR, Max Tulyev (MT6561-RIPE, 2:463/253 at FIDO)
- Previous message (by thread): [dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
- Next message (by thread): [dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]