--On July 15, 2008 10:22:56 PM -0400 Valdis.Kletnieks@xxxxxx wrote:
On Tue, 15 Jul 2008 20:46:57 CDT, Paul Schmehl said:Perhaps that's because a cert problem on a web server breaks a single webserver. A cert problem with dns breaks an entire domain.On the flip side, if you busticate DNS for the entire domain, you're likely to *notice* it and *fix* it a lot faster. "Dead in the water" is, in some ways, actually preferrable to "damn, this may or may not have been broken for the last 6 months - how many users just gave up and never came back?"
Good point. Paul Schmehl If it isn't already obvious, my opinions are my own and not those of my employer.
Attachment:
p7sCUR_gogntG.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/