"useful security is binary". thats great stuff. says nothing - means even
less. theres another great term I've seen the Isociety cabal use whenever
their stuck - "it does not scale".
There are better solutions to the DNS security escapades that are simple and
involve no economic cost to the users at large. DNSSEC is not the answer.
DNSSEC is the nightmare. The solution lies with DNScurve -
http://bit.ly/cjmH2n
The Internet already is a security nightmare - why contribute to it with
DNSSEC. Fix the UDP problem once and for all with DNSCurve. Or something
like it.
DNSSEC is old technology 1024 is a juvenile encryption standard. DNSSEC does
not solve the UDP problem. DNSCurve will.
And I remind IETF members that Dr. Bernstein was the first to address the
UDP port problem. DNScurve will take the DNS to the next step. Ensure the
machine you contacted is the machine you want to speak too.
At least members do something. Because the DNSSEC joke must end. We need
solutions to address the problem that don't end up being a make work
project.
cheers
joe baptista
On Thu, Feb 18, 2010 at 3:08 PM, Masataka Ohta <
mohta(_at_)necom830(_dot_)hpcl(_dot_)titech(_dot_)ac(_dot_)jp> wrote:
David Conrad wrote:
I'm not sure why you are pretending that useful security is binary.
I'm afraid you are saying "DNSSEC or die", while I'm saying
"reasonable security is good enough". Which, do you think,
is binary?
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf