Maintained by: NLnet Labs

[Unbound-users] signed .com domain ?

Jan-Piet Mens
Fri Apr 1 16:29:58 CEST 2011


On Fri Apr 01 2011 at 16:09:11 CEST, Roy Arends wrote:

> Nominet's research team developed a method to do a pre-image attack
> after walking the NSEC3 chain in the com zone, regardless of
> hash-iterations used.

And there I was thinking: huh? How is *that* possible?!?

> For an exact description of our pre-image attack algorithm, please
> see: http://bit.ly/Wle7

And then I clicked. And now I'm crying. First one I fall for today ;-)

        -JP