Input needed on DNSSEC for upcoming security advisory
"FORENSICS.ORG Security Coordinator" <secalert@forensics.org> Sat, 03 August 2002 00:34 UTC
Received: from psg.com (smmsp@psg.com [147.28.0.62]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12748 for <dnsext-archive@lists.ietf.org>; Fri, 2 Aug 2002 20:34:48 -0400 (EDT)
Received: from lserv by psg.com with local (Exim 3.36 #1) id 17amiw-000IkU-00 for namedroppers-data@psg.com; Fri, 02 Aug 2002 17:24:50 -0700
Received: from rip.psg.com ([147.28.0.39]) by psg.com with esmtp (Exim 3.36 #1) id 17amis-000IkI-00 for namedroppers@ops.ietf.org; Fri, 02 Aug 2002 17:24:46 -0700
Received: from localhost ([127.0.0.1] helo=rip.psg.com.psg.com) by rip.psg.com with esmtp (Exim 4.10) id 17amis-000DnF-00 for namedroppers@ops.ietf.org; Fri, 02 Aug 2002 17:24:46 -0700
Message-ID: <ILEPILDHBOLAHHEIMALBGEAGDJAA.secalert@forensics.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <iluofckvrew.fsf@h133n1c1o299.bredband.skanova.com>
From: "FORENSICS.ORG Security Coordinator" <secalert@forensics.org>
To: namedroppers@ops.ietf.org
Cc: dnssec@cafax.se
Subject: Input needed on DNSSEC for upcoming security advisory
Date: Fri, 02 Aug 2002 14:29:58 -1000
X-Spam-Status: No, hits=-3.4 required=5.0 tests=IN_REP_TO version=2.31
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
Content-Transfer-Encoding: 7bit
[ post by non-subscriber. with the massive amount of spam, it is easy to miss and therefore delete mis-posts. so fix subscription addresses! ] To Whom It May Interest: A DNS-based security vulnerability exists that has not yet been disclosed publicly. The vulnerability was discovered by a third party and FORENSICS.ORG is acting in the capacity of COORDINATOR pursuant to the Responsible Vulnerability Disclosure Process, referenced below: http://www.ietf.org/internet-drafts/draft-christey-wysopal-vuln-disclosure-0 0.txt We are in need of input from persons working with DNSSEC in connection with the planned ADVISORY. Although DNSSEC will not completely solve this particular problem, it is important to include details of the risk factors that ARE mitigated partially when DNSSEC is employed. The most likely security patch will involve mandatory updates to every resolver. In order to discuss the technical details of the threat in a responsible manner, it is necessary for us to disclose the vulnerability in full to a small number of trustworthy individuals with expertise in certain subject areas, DNSSEC being one of these areas. If you are interested in contributing to the content of our forthcoming ADVISORY, please contact us by Thursday, August 8th for consideration by our team of your eligibility for early disclosure. Thank you. FORENSICS.ORG Security Coordinator -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/namedroppers/>
- Comment on draft-ietf-dnsext-dnssec-records Simon Josefsson
- Re: Comment on draft-ietf-dnsext-dnssec-records Simon Josefsson
- Input needed on DNSSEC for upcoming security adviā¦ FORENSICS.ORG Security Coordinator
- Re: Comment on draft-ietf-dnsext-dnssec-records Matt Larson
- Re: Comment on draft-ietf-dnsext-dnssec-records Edward Lewis