I, humbly, consider myself pretty conversant in the basics of (modern and classical) cryptography and information security.
For most of my career, I've been mystified as to what problem #DNSSEC purports to solve.
Has there ever been a case of a DNS-based attack (spoofing, hijacking, transfer, DDoS, etc) that's been thwarted by DNSSEC? Or, in the reverse, has there been an attack that was successful that DNSSEC would have solved?
I don't know what it is, but the upsides of DNSSEC just hasn't clicked in my brain.
Tod Beardsley 🤘 /
npub1hm…pl0yl
2024-01-26 20:31:41
Author Public Key
npub1hmgnuqccyragcwepqz4xdt76xufuk4n3a9mps9hl23v9fldkt3cszpl0ylPublished at
2024-01-26 20:31:41Event JSON
{
"id": "361531196a0f8bebe3f96869b020b7fad139c87061532c270ea13e9ce673d265",
"pubkey": "bed13e031820fa8c3b2100aa66afda3713cb5671e9761816ff545854fdb65c71",
"created_at": 1706301101,
"kind": 1,
"tags": [
[
"t",
"dnssec"
],
[
"proxy",
"https://infosec.exchange/users/todb/statuses/111824148990588166",
"activitypub"
]
],
"content": "I, humbly, consider myself pretty conversant in the basics of (modern and classical) cryptography and information security.\n\nFor most of my career, I've been mystified as to what problem #DNSSEC purports to solve.\n\nHas there ever been a case of a DNS-based attack (spoofing, hijacking, transfer, DDoS, etc) that's been thwarted by DNSSEC? Or, in the reverse, has there been an attack that was successful that DNSSEC would have solved?\n\nI don't know what it is, but the upsides of DNSSEC just hasn't clicked in my brain.",
"sig": "735afc4dda7769f1e83cb6873925135c1ced7cb88b4b0edb0b6fe013afa65e8bc911e252bdc66fb48632e40124bcda2cec51ba05ce0798ada56074c3df4286c2"
}