Talk:DNS Poisoning

From SQRLauth.net
Jump to: navigation, search

Hi Shanedk,

Nice work adding DNS Poisening to the list, I see this page has been added and linked to the https://sqrlauth.net/Attack-Analysis page. I would normally include it as an amplification of the spoofing attack but I see there are other possibilities.

In light of SQRL V1 requiring a secure connection it would be nice to reference how HTTPS affects this attack vector. Also there are some other possibilities that would be useful to mention in the realm of DNS poisoning/takeover attacks, that of local router, ISP level and registrar attacks which do not rely on local malware.