Evan Leibovitch wrote: > Arguably, most DNS information shouldn't be confidential. And that which > is, is probably covered by the authentication aspect, either you're > authenticated or you don't get the info.
I'm curious why people think this, I mean the more information you leak about yourself to third parties the easier you make it for them to do all sorts of weird and wonderful profiling on you, however beyond that there is more pragmatic reasons such as preventing censorship or at least making it more difficult. > In any case, dnssec is far from dormant; it's just that there's a > dreadfully old and creaky existing infrastructure that needs a lot of > effort, both political and technical, to change. It's the same thing > with IPV6. DNSSEC seems to be poorly thought out from a real world perspective to me, it seems like it will be difficult if not down right pain in the butt to manage. http://alan.clegg.com/files/DNSSEC_in_6_minutes.pdf -- Best regards, Duane http://www.freeauth.org - Enterprise Two Factor Authentication http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://e164.org - Global Communication for the 21st Century "In the long run the pessimist may be proved right, but the optimist has a better time on the trip."
signature.asc
Description: OpenPGP digital signature
