On Thu, Dec 04, 2014 at 11:01:49AM -0500, Richard Pieri wrote: > On 12/4/2014 10:35 AM, Derek Atkins wrote: > >If I'm sitting in a hotel room behind a broken middleware box then I > >know, for sure, that the middleware is breaking me; I can turn off > >validation at that point > > So, DNSSEC validation is something that needs to be turned off in > order to use DNS in the kinds of environments where DNSSEC > validation would be most desirable.
Come on man, this statement is very obviously false. It only needs to be turned off in very specific, very limited circumstances, namely when you MUST do whatever you're doing RIGHT NOW, AND you can't find a reasonable alternative, like doing your work from a starbucks (or other hotspot or whatever) across the street, AND the consequences of not doing it RIGHT NOW are worse than the risk of getting hacked... ..which is like, never. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
_______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
