Nxdomain redirect revenue

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Tue Sep 27 14:19:35 UTC 2011

On Tue, 27 Sep 2011 09:27:00 EDT, Christopher Morrow said:
> On Tue, Sep 27, 2011 at 7:50 AM, Jimmy Hess <mysidia at gmail.com> wrote:

> > I would rather see DNSSEC and TLS/HTTPS get implemented end to end.
> how does tls/https help here? if you get sent to the 'wrong host'
> whether or not it does https/tls is irrelevant, no? (save the case of
> chrome and domain pinning)

Well, actually, Chrome-like domain pinning and/or using DNSSEC to verify the
provenance of an SSL cert is the whiole reason Jimmy probably wants DNSSEC and
TLS...Unless you do that sort of stuff, there's no way to *tell* if you ended
up at the wrong host...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20110927/93dd85e5/attachment.sig>

More information about the NANOG mailing list