Moin!
On 12.03.2009, at 01:10, Joe Baptista wrote:
You poor souls. The DNSSEC monster is vast and complex. So much
easier just to fix the problem instead of this endless gibberish.
It's so complex it's funny when you consider a simple solution like
DNSCURVE -http://dnscurve.org/ - and so much more secure. No man in
the middle issues.
DNSCurve solves a different problem. It's about encryption of DNS
data, while DNSSEC looks on authentication of DNS data. DNSSEC and
DNSCurve are complementary solutions not contradicting solutions.
Oh well - sorry for the interruption - and carry on.
Ahem could I ask why you are carrying my companies logo on your
webpage? If there is an contractual relationship please send me the
details off list, otherwise please remove it.
On the topic DNSKEY or DS keys as trust anchors I would opt for
DNSKEYS as there may be publication of trust anchors that may have
hash/digest algorithms that my resolver/validator doesn't understand.
This already happened to me :-(.
So long
-Ralf
---
Ralf Weber
Platform Infrastructure Manager
Colt Telecom GmbH
Herriotstrasse 4
60528 Frankfurt
Germany
DDI: +49 (0)69 56606 2780 Internal OneDial: 8 491 2780
Fax: +49 (0)69 56606 6280
Email: r...@colt.net
http://www.colt.net/
Data | Voice | Managed Services
Schütze Deine Umwelt | Erst denken, dann drucken
*****************************************
COLT Telecom GmbH, Herriotstraße 4, 60528 Frankfurt/Main, Deutschland
* Tel +49 (0)69 56606 0 * Fax +49 (0)69 56606 2222 *
Geschäftsführer: Dr. Jürgen Hernichel (Vors.), Rita Thies *
Amtsgericht Frankfurt/Main HRB 46123 * USt.-IdNr. DE 197 498 400
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
