[ratelimits] Poor CERT warning message

Antoin Verschuren antoin.verschuren at sidn.nl
Wed Sep 11 12:50:25 UTC 2013


On 10-09-13 23:10, Geert Jan de Groot wrote:

> Please have a look at: 
> https://www.ncsc.nl/dienstverlening/response-op-dreigingen-en-incidenten/beveiligingsadviezen/NCSC-2013-0597+1.00+Rate+limiting+van+DNS+responses+veroorzaakt+kwetsbaarheid.htm
>
>  I'm not sure about what to do against spread of this
> misinformation.

I think the advisory is bad and incomplete as well.

The French researchers confirmed to me that they would change their
conclusions of the report after consulting DNS experts, but apparently
the CERT has not changed its advisory nor asked for a second opinion
after they drafted this advisory based on the preliminary report.

I've written a blog article about it on http://www.sidnlabs.nl, that
will be explained on http://www.dnssec.nl in some days as well.
(That's also in Dutch only, but at least you'll have pointers for the
Dutch LIC)
I've heard other DNS experts intend to do the same.

The vulnerability and research will be presented and discussed at the
next DNS-OARC meeting:
https://indico.dns-oarc.net/indico/contributionDisplay.py?contribId=4&confId=1


-- 
Antoin Verschuren

Technical Policy Advisor SIDN
Meander 501, PO Box 5022, 6802 EA Arnhem, The Netherlands

P: +31 26 3525500  M: +31 6 23368970
Mailto: antoin.verschuren at sidn.nl
XMPP: antoin.verschuren at jabber.sidn.nl
HTTP://www.sidn.nl/