>However, we in the security circles don't need to spread the >"Kaminsky finds" meme.
Quite right. Paul Vixie mentioned it in 1995, Dan Bernstein started distributing versions of dnscache with randomized port and sequence numbers in 2001. >The take-away here is not that "Dan didn't discover the problem", but >"Dan got it fixed". An alternate take-away is that IETF BCPs don't >make nearly as much difference as a diligent security expert with a >good name. I suppose 13 years is kind of a long time, but better late than never. It would be modestly interesting to learn what is different now that motivated him to get people to fix it. R's, John --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
