Author terry.reedy
Recipients Arach, Arfrever, Huzaifa.Sidhpurwala, Jim.Jewett, Mark.Shannon, PaulMcMillan, Zhiping.Deng, alex, barry, benjamin.peterson, christian.heimes, dmalcolm, eric.snow, fx5, georg.brandl, grahamd, gregory.p.smith, gvanrossum, gz, haypo, jcea, lemburg, mark.dickinson, merwok, neologix, pitrou, skrah, terry.reedy, tim.peters, v+python, zbysz
Date 2012-01-19.01:15:21
SpamBayes Score 0.0923059
Marked as misclassified No
Message-id <4F176E88.3090503@udel.edu>
In-reply-to <CAP7+vJL4z9oOXEe0xHbqrJt1pOiU8bS2MH8AbCqT3BH39CeYOA@mail.gmail.com>
Content
> You mean as a fix or that they successfully attacked a collision-counting
> system?

Successful anticipation and blocking of hash attack: after a chain of 
100 DNS 'treats the request as a cache miss'. What is somewhat special 
for this app is being able to bail at that point. Crosby & Wallach still 
think 'his fix could be improved', I presume by using one of their 
recommended hashes.
http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf
section 3.2, DJB DNS server; section 5, fixes
History
Date User Action Args
2012-01-19 01:15:26terry.reedysetrecipients: + terry.reedy, lemburg, gvanrossum, tim.peters, barry, georg.brandl, gregory.p.smith, jcea, mark.dickinson, pitrou, haypo, christian.heimes, benjamin.peterson, merwok, grahamd, Arfrever, v+python, alex, zbysz, skrah, dmalcolm, gz, neologix, Arach, Mark.Shannon, eric.snow, Zhiping.Deng, Huzaifa.Sidhpurwala, Jim.Jewett, PaulMcMillan, fx5
2012-01-19 01:15:24terry.reedylinkissue13703 messages
2012-01-19 01:15:21terry.reedycreate