[Top] [All Lists]

Re: experiments in the ietf week

2008-03-19 05:34:43
At Wed, 19 Mar 2008 22:59:52 +1100,
Mark Andrews wrote:

At Sun, 16 Mar 2008 19:44:12 +0100,
Iljitsch van Beijnum wrote:

On 16 mrt 2008, at 2:16, Mark Andrews wrote:

        Enable DNSSEC validation on the network's servers.  At a
        minimum make them DNSSEC transparent.

Is there any software out there for common OSes that does something  
useful with this?

A more interesting experiment would be to do away with SSL for a bit  
and use IPsec instead. 

Why would this be either interesting or desirable?

      DNSSEC transparency is important for machines on the IPv6
      only net trying to validate answers off IPv4 only servers.

      Validatation is useful for protecting the resolvers themselves.

I was referring to Iljitsch's suggestion about SSL and IPsec, not
the suggestion about DNSSEC.

IETF mailing list

<Prev in Thread] Current Thread [Next in Thread>