Re: DNS security and spoofing (Re: [cobalt-security] Anyone else get this error?)



On Mon, 2002-12-30 at 20:03, E.B. Dreger wrote:

> EC> can be omitted altogether.  Instead, you can (and probably
> EC> should) download the key by hand and check the fingerprint
> EC> offline (e.g. call friends).
> 
> Likewise, one could have a centrally-distributed copy of the
> hints file.

The difference is that the public key does not change [as often as the
hints file may].  You may need to download and verify the public key
only once in the lifetime of your server.  And then check the hints file
several times a year.

Eugene