Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe

Theodore Ts'o <tytso(_at_)mit(_dot_)edu> wrote:

Speaking of which, Jim Gettys was trying to tell me yesterday that
BIND refuses to do DNSSEC lookups until the endpoint client has
generated a certificate.


That is wrong. DNSSEC validation affects a whole view - i.e. it is
effectively global.

Clients can request DNSSEC records or not, regardless of whether they do
any transaction security. Clients can do DNSSEC validation without any
private keys.

Tony.
-- 
f.anthony.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, (continued) Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Scott Brim Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Brian Trammell Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Tobias Gondrom Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, John C Klensin Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Pete Resnick Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, John C Klensin Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Pete Resnick Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Scott Brim Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, John C Klensin Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Theodore Ts'o Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Tony Finch <= Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Theodore Ts'o Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Joe Abley Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, John C Klensin Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Tony Finch Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, John C Klensin Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA, Ross Finlayson Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA, Eliot Lear Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA, Tobias Gondrom Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA, Phillip Hallam-Baker Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA, Phillip Hallam-Baker

Re: Bruce Schneier's Proposal to dedicate November meeting to savingthe Internet from the NSA