ietf
[Top] [All Lists]

Re: DNSCurve vs. DNSSEC - FIGHT!

2010-02-26 03:24:04
Florian Weimer wrote:

As DNSCurve protection is like DH, it is subject to MitM attacks,
which is no different from simple nonce.

I think the expectation is that you learn the server names (and hence
their keys) of child zones from parents, under DNSCurve's
cryptographic protection.  This is slightly different from plain DH.

No, it is not expected that gtld servers will become
"???????????????????????????????????????????????????.gtld-servers.net",
only to cause message size overflow.

                                                Masataka Ohta


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>