Florian Weimer wrote:
>>As DNSCurve protection is like DH, it is subject to MitM attacks,
>>which is no different from simple nonce.
> I think the expectation is that you learn the server names (and hence
> their keys) of child zones from parents, under DNSCurve's
> cryptographic protection. This is slightly different from plain DH.
No, it is not expected that gtld servers will become
"???????????????????????????????????????????????????.gtld-servers.net",
only to cause message size overflow.
Masataka Ohta
_______________________________________________
Ietf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf
