You're definitely on track, although I was referring to D.J.
Bernstein's recent slides: http://cr.yp.to/talks/2012.06.04/slides.pdf
In these, he does bring up the same problems again that his DNSCURVE
purported to solve, about weak algorithms, signing (or lack of),
forgeries, and UDP amplification
On Thu, Aug 23, 2012 at 12:08 PM, Ted Unangst wrote:
people designing the protocol never got that far.
>
> Anyway the workaround du jour is certificate pinning. Your browser is
> supposed to remember the cert used for the previous connection and
> warn if it changes, which reduces the window of o
In my limited experience with ipv6, this has been the case. The
provider has you on a /64 of their own (not part of your /48), so your
WAN interface would have one of their IP's on it, and they should tell
you exactly what it should be. Just as it's done in IPv4. Your own
personal /48 is then route
3 matches
Mail list logo