Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?
On 25/07/2008, at 6:45 AM, Scott Berkman wrote:
Is it just me or is the test page below down now?
Or maybe some poisoned the NS record for dns-oarc.net and sent it to nowhere to stop testing! (J/K since I can get to the rest of the page fine).
Hmm, cute. So uh, is this patch available for download over HTTPS with a key that was generated by the vendor and signed by well trusted root CAs on a boxes with OpenSSL versions not released by Debian? PATCH NOW PATCH NOW seems like a fantastic way to get nefarious code deployed in really, really interesting places. :-) -- Nathan Ward
On Fri, Jul 25, 2008 at 07:31:30PM +1200, Nathan Ward wrote:
So uh, is this patch available for download over HTTPS with a key that was generated by the vendor and signed by well trusted root CAs on a boxes with OpenSSL versions not released by Debian?
PATCH NOW PATCH NOW seems like a fantastic way to get nefarious code deployed in really, really interesting places.
:-)
I'm not smiling. I'm wondering if we're insufficiently paranoid. Course that could be because I'm reading the Mitnick book this week. But I don't think so. Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com '87 e24 St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274 Those who cast the vote decide nothing. Those who count the vote decide everything. -- (Josef Stalin)
participants (2)
-
Jay R. Ashworth
-
Nathan Ward