> However, > this would require DNSSEC to be secure (which itself seems to be mired > in controvery lately, not to mention the slow rate of adoption)
Do you have a reference for that. I know of the controversy around DNSCURVE before DNSSEC even arrived but haven't seen any of late. Is it to do with the restriction of key length by dns record size and use of RSA rather than ecdsa which offers more security to key length ratio or something else? -- _______________________________________________________________________ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) _______________________________________________________________________
