On Fri, Sep 27, 2013 at 11:41:25AM -0700, Karl Malbrain <[email protected]> wrote a message of 138 lines which said:
> I'm concerned about three DNS security problems:

You're not concerned about the fact that DNS servers (your resolver, and the authoritative name servers) get a lot of data and can misuse it? It seems to me that it is one of the main weaknesses of DNS, when it comes to confidentiality.

A big public resolver, like OpenDNS or Google Public DNS (both located in PRISMland) can learn a lot of things about its users (this has been used often to detect malware, only from its DNS requests, but it could be used for more sinister purposes). A big TLD (say, for example, .com, also located in PRISMland) can also learn a lot. And no amount of cryptography between the client and this server will help.

_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
