so you need to have a more "secure" dns because you don't trust your ssl?
On Sun, Jan 24, 2010 at 2:18 AM, erik quanstrom <quans...@quanstro.net> wrote: >> > doesn't work with the recent renegotiation bug. >> >> disable renegotiation. >> >> > but i don't >> > think one can dismiss dns as a non-issue. >> >> dns is a non-issue if the rest of ssl is working. >> dns is irrelevant if it isn't. > > the renegotiation bug is a protocol flaw. i'm > not so sure i trust ssl enough to decide i don't > care of dns gets hijacked. > > - erik > >