So quit trying to be a dead horse that is not even there.
If you are so interested in transport layer security, then
by all means, encourage, promote, and develop solutions.
STCP is one such measure. IPSEC is another. there are
many choices.
transport level security (integrity, authenticity) are orthoginal
to application level security (DNSSEC, SSH, HTTPS, etc)
DNSSEC was never designed to provide or assure end to end security
as seen at the transport layer. It couldn't, since its not a transport
protocol.
or is there some subtle nuance that I am missing in your arguement
that is being overshadowed by your strident insistance that DNSSEC is
not secure end to end. I agree with you that it is not, and I say
so what... thats not what it was designed for.
--
--bill
Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf