top | item 46147094 (no title) ishouldbework | 2 months ago That should be prevented by dnssec no? discuss order hn newest tptacek|2 months ago Depends on who your adversary is. If it's your ISP: no, DNSSEC doesn't prevent that (in every mainstream deployment scenario, your upstream DNS recursive server is the only thing really doing DNSSEC validation).
tptacek|2 months ago Depends on who your adversary is. If it's your ISP: no, DNSSEC doesn't prevent that (in every mainstream deployment scenario, your upstream DNS recursive server is the only thing really doing DNSSEC validation).
tptacek|2 months ago