[Chapter-delegates] dnssec as a solution to dns poisoning the national dns infrastructure (.ro)

Peter Koch pk at ISOC.DE
Wed Nov 28 10:30:07 PST 2012


On Wed, Nov 28, 2012 at 08:12:36PM +0200, Eduard Tric wrote:
> Today we've had a massive attack of .ro domains (google.ro yahoo.ro microsoft.ro , possibly others).

indeed bad news, thanks for sharing the URLs.

> How can we cooperate with other chapters to demonstrate to the Romanan Government the benefits of a dnssec secured cctld ?

It is probably too early for this kind of conclusions.  Current status
is still guessing <http://www.securelist.com/en/blog?weblogid=208194028>
and sugegstions for an incident related to the provisioning system.
I'm not taking any position and trust the RO TLD colleagues(*)
to share information in appropriate channels.

Meanwhile we should resist the temptation to advertise or advocate DNSSEC
as a solution to problems it may not be able to mitigate.

-Peter

(*) disclosure/disclaimer: i work for, but do not speak for DENIC, the DE TLD
    registry; so all this is in personal capacity as a chapter member



More information about the Chapter-delegates mailing list