IETF mulls the option of ignoring Kaminsky DNS bug

While many DNS registries, ISPs, and companies have yet to patch the Kaminsky bug, the Internet engineering community will be getting together at the IETF to debate on whether to do anything about it. Well to be fair, the issue they are working on has to do with whether or not to encourage an upgrade to DNSSEC, known as the ultimate DNS security solution, or if it should just advocate a temporary patch to address the bug. Opting for DNSSEC appears to be logical, until one realizes that DNSSEC hasn't been widely deployed as yet, despite being in development for the better part of a decade. Without it being fully deployed across the Internet though, websites remain vulnerable to Kaminsky-type attacks. And in case you're thinking a quick resolution will be found, know that the working group is currently split on which direction to take.

To read more about this story:
- check out this article from the Network World