Comment by gzread 6 hours ago It will change as soon as one of them gets meaningfully DNS hijacked. 4 comments gzread Reply tptacek 4 hours ago Zones get meaningfully hijacked all the time. It just doesn't happen through cache poisoning; it happens through phished registrar accounts. indolering 1 hour ago Phishing existing isn't a good argument against cryptographically authenticating DNS records. tptacek 41 minutes ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 1 reply →
tptacek 4 hours ago Zones get meaningfully hijacked all the time. It just doesn't happen through cache poisoning; it happens through phished registrar accounts. indolering 1 hour ago Phishing existing isn't a good argument against cryptographically authenticating DNS records. tptacek 41 minutes ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 1 reply →
indolering 1 hour ago Phishing existing isn't a good argument against cryptographically authenticating DNS records. tptacek 41 minutes ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 1 reply →
tptacek 41 minutes ago "Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is. 1 reply →
Zones get meaningfully hijacked all the time. It just doesn't happen through cache poisoning; it happens through phished registrar accounts.
Phishing existing isn't a good argument against cryptographically authenticating DNS records.
"Phishing existing" isn't the argument. "The dominant vector for actual domain takeover over the last 5 years is phishing" is.
1 reply →