DNS hardening, was Re: Dan Kaminsky

• Previous message (by thread): DNS hardening, was Re: Dan Kaminsky
• Next message (by thread): DNS hardening, was Re: Dan Kaminsky
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>> 5 is 'edns ping', but it was effectively blocked because people
>> thought DNSSEC would be easier to do, or demanded that EDNS PING
>> (http://edns-ping.org) would offer everything that DNSSEC offered.
>
> 	I'm surprised you failed to mention http://dnscurve.org/crypto.html,
> 	which is always brought up, but never seems to solve the problems
> 	mentioned.

dnscurve looks like a swell idea, but I wouldn't put it in the category of 
a hack as straightforward as the ones I listed.  Also, at this point there 
appears to be neither code nor an implementable spec available since Dan 
is still fiddling with it.

Regards,
John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
"More Wiener schnitzel, please", said Tom, revealingly.

• Previous message (by thread): DNS hardening, was Re: Dan Kaminsky
• Next message (by thread): DNS hardening, was Re: Dan Kaminsky
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]