dnscurve and DNS hardening, was Re: Dan Kaminsky
dotis at mail-abuse.org
Thu Aug 6 10:07:16 CDT 2009
On 8/5/09 7:05 PM, Naveen Nathan wrote:
> On Wed, Aug 05, 2009 at 09:17:01PM -0400, John R. Levine wrote:
>> It seems to me that the situation is no worse than DNSSEC, since in both
>> cases the software at each hop needs to be aware of the security stuff, or
>> you fall back to plain unsigned DNS.
> I might misunderstand how dnscurve works, but it appears that dnscurve
> is far easier to deploy and get running. The issue is merely coverage.
There might be issues related to intellectual property use. :^(
More information about the NANOG