DNS hardening, was Re: Dan Kaminsky
Phil Regnauld
regnauld at catpipe.net
Wed Aug 5 18:06:08 UTC 2009
bert hubert (bert.hubert) writes:
>
> 5 is 'edns ping', but it was effectively blocked because people
> thought DNSSEC would be easier to do, or demanded that EDNS PING
> (http://edns-ping.org) would offer everything that DNSSEC offered.
I'm surprised you failed to mention http://dnscurve.org/crypto.html,
which is always brought up, but never seems to solve the problems
mentioned.
More information about the NANOG
mailing list