This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/dns-wg@ripe.net/
[dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
- Previous message (by thread): [dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
- Next message (by thread): [dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Max Tulyev
president at ukraine.su
Tue Feb 13 18:00:51 CET 2007
We (NetAssist, Kiev, Ukraine) did it a year ago (RIPE backresolve, .se, .ru, .net, .com as well as ISC's DLV checking). In general, I don't believe in practical usage of this implementation, because of you can do a DNS attack on the client's resolver directly. But I see significant decrease of spam after DNSSEC implementation. I believe it can happens because of wise spammers can't cheat backresolve and blacklists checks anymore. Lutz Donnerhacke wrote: > On Tue, Feb 13, 2007 at 04:18:37PM +0100, Patrik Fältström wrote: >> On 13 feb 2007, at 15.45, Lutz Donnerhacke wrote: >>> What is so great about this message? >> That a large ISP turn on verification of DNSSEC signatures in their >> resolvers with the key of a TLD as anchor. That has not happened >> before as far as I know. If I am wrong, I would like to know. > > I thought Cable and Wireless did this in December 2005. > -- WBR, Max Tulyev (MT6561-RIPE, 2:463/253 at FIDO)
- Previous message (by thread): [dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
- Next message (by thread): [dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]