Reply to post: Well yes,

Build the wall... around your DNS settings, US govt IT staff urged by Homeland Security amid domain hijackings

Anonymous Coward
Anonymous Coward

Well yes,

back in the day when hardly anybody ever needed a change in DNS, it was very easy to make he system secure, because the greybeard in charge had a need-to-know policy, i.e. he needed to know you, and his fingertips wove the magic that would let your CNAMEs come into being into text files. Of course, nowadays, we expect fingerprints of five different flavours of short-lived certificates in there, autoconfig information generated by your local AD server, spam policy, and a host of other things, signed by another set of short-lived certificates, turtles all the way down, all of which almost requires you to have an automated, more-widely-visible administrative access.

More legos, and the same number of naked feet at night.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021