ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

DNSSEC was never designed for transport end to end security

2009-06-05 07:14:36
from [Bill Manning] [Permanent Link] 

So quit trying to be a dead horse that is not even there.
If you are so interested in transport layer security, then
by all means, encourage, promote, and develop solutions.

STCP is one such measure.  IPSEC is another.  there are 
many choices.

transport level security (integrity, authenticity) are orthoginal
to application level security (DNSSEC, SSH, HTTPS, etc)

DNSSEC was never designed to provide or assure end to end security
as seen at the transport layer.  It couldn't, since its not a transport
protocol.

or is there some subtle nuance that I am missing in your arguement
that is being overshadowed by your strident insistance that DNSSEC is
not secure end to end.  I agree with you that it is not, and I say
so what... thats not what it was designed for.  



-- 
--bill

Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Last Call: draft-ietf-opsawg-operations-and-management(Guidelinesfor Considering Operations and Management of NewProtocols and ProtocolExtensions) to BCP, Tom.Petch
Next by Date:  DNSSEC is NOT secure end to end, Masataka Ohta
Previous by Thread:  Re: DNSSEC is NOT secure end to end (more tutorial than debating), Masataka Ohta
Next by Thread:  DNSSEC is NOT secure end to end, Masataka Ohta
Indexes:  [Date] [Thread] [Top] [All Lists]