[dns-operations] nsec vs nsec3 use
Grant Taylor
gtaylor at tnetconsulting.net
Tue Apr 13 15:58:16 UTC 2021
Hi Viktor,
On 4/12/21 7:51 PM, Viktor Dukhovni wrote:
> my advice is to use NSEC unless you have an absolutely compelling
> case to attempt to deter zone enumeration
Would you please elaborate on why that is your opinion / advice?
It seems contrary to the litmus test of which is more secure vs
difficult to implement.
I'm trying to understand your thought process and subsequently make a
more informed decision myself.
Thank you for your time.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4013 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20210413/e3a255df/attachment.bin>
More information about the dns-operations
mailing list