On Wed, Feb 24, 2010 at 10:00:34AM -0500, Phillip Hallam-Baker wrote:
I took a look at DNSCurve. Some points:
* It could certainly win.
If, just one time, the people involved in these conversations would
say what "win" means in this context, I would be a much happier
person. (Those who know me will observe that that's not saying much.)
It is by no means plain to me that DNSCurve and DNSSEC solve the same
problems. It's hard to say how one can win over the other in that
case.
* It is designed as a hack rather than an extension.
This sounds to me like an argument over taste, and I don't think that
it's useful to debate it.
* It considers real world requirements that DNSSEC does not.
And it fails to address real world requirements that DNSSEC did. So
what? DNSSEC doesn't solve everything that TLS does, either. This is
the _Internet_. Having different solutions to different problems is a
good thing, not a reason to have a Protestants vs. Catholics fight.
A
--
Andrew Sullivan
ajs(_at_)shinkuro(_dot_)com
Shinkuro, Inc.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf