[dns-wg] Announcement: Test Report on DNSSEC impact on SOHO CPE
Ray.Bellis at nominet.org.uk
Ray.Bellis at nominet.org.uk
Tue Sep 16 14:55:44 EDT 2008
> The report is excellent. Thank you very much for sharing it with us.
You're welcome :)
> I have two questions.
>
> 1) Vendor actions
>
> What are the vendor status and/or responses? Were they contacted?
did they
> respond? Are they planning updates?
We did contact vendor technical support, in particular to determine
whether any work-arounds exist on those routers that don't appear to allow
the DNS settings in the DHCP server to be changed.
However attempts to reach product management types to talk about
implementation issues were generally fruitless. I did manage to report my
findings to Zyxel UK through an existing contact, though.
I'm hoping that some of the vendors will get in touch with me, now that
the report is published.
> 2) base OS?
>
> Is there a similarity in these firmwares? eg are they using the same
> DNS software inside? Perhaps the vendors are not the people we
should
> be talking to? For instance, many Linux based routers use the
"dnsmasq"
> software. Depending on its status, it might be worth contacting the
> upstream software provider of the commercial router vendors.
We didn't see any direct evidence of shared code between vendors. We did
see some quirks that might suggest commonality (e.g. NAT tranlation
failures) but didn't look for anything to prove a link.
kind regards,
Ray
--
Ray Bellis, MA(Oxon)
Senior Researcher in Advanced Projects, Nominet
e: ray at nominet.org.uk, t: +44 1865 332211
More information about the Dnssec-deployment
mailing list