On Tue, Sep 24, 2013 at 11:31:10PM +1200, Andy Wilson <[email protected]> wrote a message of 104 lines which said:
> Have you seen DNSCurve? http://dnscurve.org/ Channel-security solutions like the non-standard and poorly documented DNScurve provide confidentiality against a passive third-party observer. Not against the operators of the authoritative name servers who see a lot of traffic and can share it with others. (For instance, several of the root name servers are managed by the US army or a US government agency.) Not to mention the resolvers of the ISP or the big open resolvers like OpenDNS or Google Public DNS, both based in PRISMland. (They see even more since the caching does not "protect" against them.) To summary, modify DNS to ensure confidentiality is highly non-trivial. _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
