... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

comp.misc

General topics about computers not cover

21,759 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 20,340 of 21,759

Richard Kettlewell to Grant Taylor

Re: [LINK] Calling time on DNSSEC?

28 Nov 24 08:52:31

   From: invalid@invalid.invalid   
      
   Grant Taylor  writes:   
   > On 11/27/24 02:40, Richard Kettlewell wrote:   
   >> It’s not enough. It can secure the name-to-address mapping but does   
   >> nothing for the security of any data sent or received.   
   >   
   > DNS, without security, doesn't have anything to do with security data   
   > sent or received either.   
   >   
   > Apples and lug-nuts always have been and always will be completely   
   > different things that do completely different things.   
      
   If you’re writing that then I don’t think you understood my point.   
      
   The problem people actually have is exchanging information with websites   
   without anyone else being able to read or modify that data.   
      
   DNSSEC on its own obviously can’t solve that.   
      
   DNS + TLS does solve it, sufficiently well. (Using TLS to include   
   Internet PKI.)   
      
   DNSSEC + TLS would also solve it, but why would someone bother with   
   DNSSEC when DNS+TLS is good enough for their needs?   
      
   --   
   https://www.greenend.org.uk/rjk/   
      
   --- SoupGate-DOS v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]