[dns-operations] A Case Against DNSSEC (A Matasano Miniseries)

Rodney Joffe rjoffe at centergate.com
Tue Apr 3 17:32:57 UTC 2007


I hate to be sucked in to troll-bait based threads. However...

On Apr 2, 2007, at 11:20 PM, Patrik Fältström wrote:

>
> I do not agree at all with this note. With reasoning like that, it is
> possible to reject all of the security measures we can apply to some
> exchange of data over the Internet.
>
> The reality is that we can not find one solution that fixes all of
> the security issues we can come up with. Instead we need all security
> measures we can invent. Yes, all of them. Because only with multiple
> pieces of the puzzle we can get the environment we all need.

I remain (October 2002) convinced that no matter what "solution[s]"  
we end up with, we'll *have* to include a control plane, in some form  
or another.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2425 bytes
Desc: not available
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20070403/98718572/attachment.bin>


More information about the dns-operations mailing list