In message <camcdhonqqyuzd5cllzmbkw1tjq5h6qmle9lljo4z_h4d3co...@mail.gmail.com> , Josh Hoppes writes: > Also consider the significant increased load on DNS servers to > handling the constant stream of dynamic DNS updates to make this > possible, and that you have to find some reliable trust mechanism to > handle these updates because with out that you just made man in the > middle attacks a just a little bit easier.
The DNS already supports cryptographically authenticated updates. There is a good chance that your DHCP server used one of the methods below when you got your lease. SIG(0), TSIG and GSS_TSIG all scale appropiately for this. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected]
