On Tue, Oct 02, 2012 at 08:34:36PM +0000, Paul Vixie <[email protected]> wrote a message of 19 lines which said:
> i don't think so. too many middleboxes unpack the tcp/443 stream using a > wildcard certificate, ??? If you are on a network where the router/proxy/middlebox managed to obtain a wildcard certificate from a CA you trust (is there a CA which seels that?), you're toasted anyway. DNSSEC is useless because the middlebox can hack you at will. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
