> On Oct 20, 2014, at 1:25 AM, Stephane Bortzmeyer <[email protected]> wrote: > > On Tue, Oct 14, 2014 at 10:04:14AM -0400, > Paul Wouters <[email protected]> wrote > a message of 80 lines which said: > >> I understand your wish for dnscurve to be useful, but it is >> unfortunately not more than that. dnscurve authenticates and >> encrypts traffic from stub to auth servers. It's core to its >> design. If you take that away, you are left with "some specific ECC >> curve encryption". > > I disagree here. The work to "port" DNScurve to the stub-to-resolver > link has already been done. It is called DNScrypt > <http://dnscrypt.org/>. It is actually deployed > <http://www.opendns.com/about/innovations/dnscrypt/>
And, after many attempts by people here, it is still undocumented. The is a bit of a protocol description, but it is fairly incomprehensible, other than "we're using great crypto!". --Paul Hoffman _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
