May 2010 Archives

DNSSEC Readiness

10 May 2010
Michael Graff

DNSSEC is coming. Is your organization ready?

The DNS community is buzzing with activity around the implementation of the DNS Security Extension, DNSSEC. In simple terms, DNSSEC provides a "chain of trust" within the DNS hierarchy and the authentication of DNS responses. Once deployed across the DNS, DNSSEC will render the infamous man-in-the-middle attack a thing of the past.

DNS/BIND Canards, Redux

02 May 2010
vixie

In this interview we see yet another attempt by a technology executive to discredit all roads that do not lead to their products and services. Since in this case the creative pot shots are aimed at my company's products and services, and since this is far from the first time these canards have been trotted out, I've decided to respond for the record.

[DNS] is an industry that has seen very little innovation.

Imminent Death of Internet Predicted. Film at 11.

11 May 2010
by Paul Ebersman

The press seems to love stories of doom and gloom. And for almost as long as the Internet has been around, there have been dire predictions of some resource exhaustion, success disaster or security flaw that will destroy the internet. And who is the villain in this week's piece? DNSSEC and the signing of all the root servers.

While I love a good story as much as the next person, it seems time to actually throw a few facts on the fire.

Open source *more* secure?

25 May 2010
by Paul Vixie

I seem to read all the time that open source projects must be less secure, since the bad guys can look through the source code to find vulnerabilities. I was pleased to see an article today that takes the point of view that security through obscurity is not the right direction and that open source projects can be more secure than competing proprietary software.