[dns-operations] Introducing DNSCrypt
Stephane Bortzmeyer
bortzmeyer at nic.fr
Tue Dec 6 17:01:58 UTC 2011
On Tue, Dec 06, 2011 at 02:26:55PM -0200,
Rubens Kuhl <rubensk at nic.br> wrote
a message of 107 lines which said:
> IPSEC
IPsec is clearly not deployed. There are many reasons for that but one
of the most important seem to be the difficulty to distribute
keys. Relying on IPsec to secure DNS is not realistic.
> SSL
You mean DTLS (the old SSL protocol requires TCP)? It is not widely
deployed yet but seems an interesting approach.
More information about the dns-operations
mailing list