The cr.yp.to microblog: 2012.09.15 01:51:59

2012.09.15 01:51:59 (246758222747287552) from Daniel J. Bernstein, replying to "Tony Finch (@fanf)" (246750071000031233):

BIND's "rate limiting" vs. DNSSEC DDoS attacks reminds me of anti-spam ideas from a decade ago. Hurts users; doesn't stop attackers. @fanf

Context

2012.09.15 01:03:54 (246746124222865409) from Daniel J. Bernstein:

Want to help attackers kill more web sites? Install DNSSEC on your servers! #public_service_announcement

2012.09.15 01:19:35 (246750071000031233) from "Tony Finch (@fanf)":

@hashbreaker We have rate limiting attack suppression technology now :-)