DNSSEC and ISPs faking DNS responses
Roland Dobbins
rdobbins at arbor.net
Sat Nov 14 12:29:10 UTC 2015
On 14 Nov 2015, at 16:27, Owen DeLong wrote:
> Today.
Yes, today, and tomorrow, and next week, and next month, and next year,
etc.
> Why on earth do you assume that this will not continue to expand
> and/or accelerate its rate of expansion as word spreads that it is
> possible?
Because it isn't a simple default.
If it ever becomes a simple default, we'll start to see greater
adoption. And probably not in the form of 'tunneling-everything' VPNs,
but 'application VPNs' which automagically utilize SSL/TLS
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the NANOG
mailing list