Home page logo

nanog logo nanog mailing list archives

Re: US internet providers hijacking users' search queries
From: Mark Andrews <marka () isc org>
Date: Sun, 07 Aug 2011 12:08:39 +1000

In message <D8FBCDCB-BCD1-4847-9D23-D5745A5C609B () delong com>, Owen DeLong write
On Aug 5, 2011, at 6:03 PM, Mark Andrews wrote:

In message <4E3C9228.4050808 () paulgraydon co uk>, Paul Graydon writes:
On 08/05/2011 02:53 PM, Brielle wrote:
Until they start MitM the ssl traffic, fake certs and all.  Didn't a =
n repressive regime already do this tactic with facebook or some =
other major=20
Syria did:=20

Which is countered by DNSSEC + DANE.  A country may be able to fake =
under their tld but not the rest of the net.
Unless they start proxying all queries and putting their own trust =
anchors on all the

Which still won't work unless they can get a false trust anchor for the
root installed.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]