NCSG-DISCUSS Archives

NCSG-Discuss

NCSG-DISCUSS@LISTSERV.SYR.EDU
Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Condense Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Sender:
Non-Commercial User Constituency <[log in to unmask]>
X-To:
Milton L Mueller <[log in to unmask]>
Date:
Mon, 26 Oct 2009 22:13:55 -0500
Reply-To:
Jorge Amodio <[log in to unmask]>
Subject:
Re: DNS Scaling issues
From:
Jorge Amodio <[log in to unmask]>
Content-Transfer-Encoding:
quoted-printable
In-Reply-To:
<[log in to unmask]>
Content-Type:
text/plain; charset=ISO-8859-1
MIME-Version:
1.0
Parts/Attachments:
text/plain (17 lines) 
>> The root must be signed.
>
> I am moving to the conclusion that the root should not be signed. The crypto-politics involved are increasingly complex and scary, and the root is already too much of a political football. DNSSEC just makes the whole DNS that much more rigid, complex and contentious.

Don't rush your conclusion, I agree with the statement that who signs
what and how is a
a very contentious issue and there is a lot of politics involved, but
the risk for a new
attack is very high.

Read the following article and I'll get back with more comments.

http://searchsecurity.techtarget.com/news/interview/0,289202,sid14_gci1360143,00.html#

Regards
Jorge

ATOM RSS1 RSS2