* Nicolai <nicolai-om...@chocolatine.org> [2013-10-24 18:49]: > On Thu, Oct 24, 2013 at 10:35:51AM -0400, Predrag Punosevac wrote: > > > We are looking to move to something little bit more secure with DNSSEC > > support out of box. > > The "security" you'd get with DNSSEC would be tiny in comparison to > problems in reliability. For realistic security, you'd get far more by > choosing 1) a registrar without a history of compromises, and 2) a DNS > Provider that uses something other than BIND. NSD is in base.
wise advice. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
