Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)

• From: Jeffrey Ollie
• Date: Thu Jul 24 19:56:34 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

On Thu, Jul 24, 2008 at 3:05 AM, Steven M. Bellovin <[email protected]> wrote:
>
> The round trip issue affects latency, which in turn affects perceived
> responsiveness.  This is quite definitely the reason why gmail doesn't
> always use https (though it, unlike some other web sites, doesn't
> refuse to use it).

Interestingly enough, Google just added a feature to GMail to force
secure connections:

http://googlesystem.blogspot.com/2008/07/force-gmail-to-use-secure-connection.html

Jeff

• Follow-Ups:
  • Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Hank Nussbacher

• References:
  • Re: Exploit for DNS Cache Poisoning - RELEASED Joe Greco
  • Re: Exploit for DNS Cache Poisoning - RELEASED Joe Abley
  • Re: Exploit for DNS Cache Poisoning - RELEASED Jasper Bryant-Greene
  • Re: Exploit for DNS Cache Poisoning - RELEASED Patrick W. Gilmore
  • https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Robert Kisteleki
  • Re: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED) Steven M. Bellovin

• Prev by Date: RE: Exploit for DNS Cache Poisoning - RELEASED
• Next by Date: Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?
• Date Index
• Thread Index
• Author Index
• Historical