[dns-wg] What about the last mile, was: getting DNSSEC deployed
Lutz Donnerhacke lutz at iks-jena.de
Mon Feb 19 10:28:19 CET 2007
* Max Tulyev wrote: > Lutz Donnerhacke wrote: >> If you use a validating resolver on your end side, DNSSEC detects and >> prevents this attack. > > How? As I understood, the idea of the attack is to change DNS, not to > poison it. If you always get the right answer, this attack does not harm.
[ dns-wg Archives ]