[Top] [All Lists]

Re: experiments in the ietf week

2008-03-16 16:46:43

On 16 mrt 2008, at 2:16, Mark Andrews wrote:

    Enable DNSSEC validation on the network's servers.  At a
    minimum make them DNSSEC transparent.

Is there any software out there for common OSes that does something  
useful with this?

        Yes.  It is also useful in its own right by protecting the
        down stream clients.

        Note: DNSSEC validation in the recursive resolver is stage 1
        of DNSSEC deployment.
A more interesting experiment would be to do away with SSL for a bit  
and use IPsec instead. But I think we're far from being finished with  
IPv6. Nearly all IETF mailinglists are still hosted on IPv4-only  
servers, to name just one issue.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews(_at_)isc(_dot_)org
IETF mailing list