The problem with other solutions is that you (a DNS user) must trust someone not to have been hacked or to sell you out.
This solution is a super-hack, but shows the type of architecture needed to ensure that no entity but you knows both: - who made the request - what the request (and response) contains Anyone that knows both is a potential point of compromise. http://datatracker.ietf.org/doc/draft-hardaker-dnse-split-key-dns/ Warning: the security in here is not. -- Wes Hardaker Parsons _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
