|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
X-Original-To: cryptography@metzdowd.com X-Original-To: cryptography@metzdowd.com Date: Tue, 06 Jun 2006 08:14:46 +1000 From: "James A. Donald" <jamesd@echeque.com> To: cryptography@metzdowd.com In-Reply-To: <4483796B.3060502@connotech.com> Thomas Harold: > > I do suspect at some point that the lightweight > > nature of DNS will give way to a heavier, encrypted > > or signed protocol. Economic factors will probably > > be the driving force (online banking). Thierry Moreau wrote: > E.g. RFC4033, RFC4034, RFC4035. Well I wish it was going to happen, but right now measures that are already deployed are not being used. Except for e-gold, businesses under phishing attack are not signing their email. Since the proposed DNS signing relies on trusted root keys transmitted out of band, it is not going to be deployed either, for much the same reasons. We need a one click solution like SSH, or a zero click solution like Skype. And the proposed solution involves too many connections. Any solution has to fit in a UDP datagram. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |