[liberationtech] decentralized DNS... What's the state of DNSSEC implementation by those on this list.. ?
James Losey
jameswlosey at gmail.com
Thu Mar 15 07:25:41 PDT 2012
If the registry is wrong on a global level I can see where DNSSEC might not
be sufficient. However, if a man-in-the-middle attack attempts to spook an
attack to users in one region isn't this a case where DNSSEC would be
effective, and result in an error
code<http://www.iana.org/assignments/dns-parameters>?
My understanding is that implementation of DNSSEC limits the ability for
lazy censorship such as filtering queries (unless they simply gave a
false "Non-Existent
Domain" return code) or redirecting queries to other websites, both of
which would be goals of interest to members of this list.
Best,
James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120315/d6a5c419/attachment.html>
More information about the liberationtech
mailing list