BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] free SSL certs from the EFF
- Subject: [Discuss] free SSL certs from the EFF
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- Date: Fri, 5 Dec 2014 01:35:30 +0000
- In-reply-to: <sjmtx1bbf7w.fsf@securerf.ihtfp.org>
- References: <546C4823.6060900@gmail.com> <BN3PR0401MB1204BAB10AE6249C54E4E81BDC760@BN3PR0401MB1204.namprd04.prod.outlook.com> <54737E7C.5040506@mattgillen.net> <BN3PR0401MB1204CDD16766109B0CD095ECDC730@BN3PR0401MB1204.namprd04.prod.outlook.com> <sjm8uirdxem.fsf@securerf.ihtfp.org> <BN3PR0401MB1204B299B351DFF7F2E85FBDDC7D0@BN3PR0401MB1204.namprd04.prod.outlook.com> <sjmlhmqcb1j.fsf@securerf.ihtfp.org> <BN3PR0401MB120492A5BDE4D3CEE0AECDD3DC7A0@BN3PR0401MB1204.namprd04.prod.outlook.com> <sjm8uiqc7sw.fsf@securerf.ihtfp.org> <547E0FB3.3070005@gmail.com> <sjmy4qobui6.fsf@securerf.ihtfp.org> <547F3855.10106@gmail.com> <sjmtx1bbf7w.fsf@securerf.ihtfp.org>
> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss- > bounces+blu=nedharvey.com at blu.org] On Behalf Of Derek Atkins > > Richard Pieri <richard.pieri at gmail.com> writes: > > > Which results in a denial of service for clients if DNSSEC is > > enforced. That's not protecting users; that's dumping them into black > > holes. > > Some say DoS, some say protected. If someone is trying to poison my DNS > Cache I'd rather ignore them and blackhole than accept their attack and > go to the wrong place. Besides, DNS allows me to go ask multiple > sources for information. +1 The correct behavior is to refuse to use corrupted data, and probably retry the query to get good data. If an intermediary router wants to cause a DoS, then stripping security would be the stupidest way possible to execute such an attack - rather than just dropping the packet.
- References:
- [Discuss] free SSL certs from the EFF
- From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] free SSL certs from the EFF
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] free SSL certs from the EFF
- From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] free SSL certs from the EFF
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] free SSL certs from the EFF
- From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] free SSL certs from the EFF
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] free SSL certs from the EFF
- From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] free SSL certs from the EFF
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] free SSL certs from the EFF
- From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] free SSL certs from the EFF
- Prev by Date: [Discuss] free SSL certs from the EFF
- Next by Date: [Discuss] free SSL certs from the EFF
- Previous by thread: [Discuss] free SSL certs from the EFF
- Next by thread: [Discuss] free SSL certs from the EFF
- Index(es):
