> On 16 mrt 2008, at 2:16, Mark Andrews wrote:
>
> > Enable DNSSEC validation on the network's servers. At a
> > minimum make them DNSSEC transparent.
>
>
> Is there any software out there for common OSes that does something
> useful with this?
Yes. It is also useful in its own right by protecting the
down stream clients.
Note: DNSSEC validation in the recursive resolver is stage 1
of DNSSEC deployment.
> A more interesting experiment would be to do away with SSL for a bit
> and use IPsec instead. But I think we're far from being finished with
> IPv6. Nearly all IETF mailinglists are still hosted on IPv4-only
> servers, to name just one issue.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED]
_______________________________________________
IETF mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf
