Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

unless not doing so would lead to significant harm to others

Ding ding ding.

At any rate: it's very funny that DNSSEC took 1.1.1.1 down, but this bug can't honestly be pinned on DNSSEC itself.



In a way they're lucky DNSSEC took it down, otherwise they may have not noticed the issue of using stale data for much longer.


They have expired the data correctly, which uncovered a bug in fetching of a new DNSSEC record.

If the DNSSEC didn't add new unnecessary complexity to an otherwise working system, there would be no bug, and no stale data.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: