Re: [DNSOP] Kaminsky on djbdns bugs (fwd)

2008-08-12 Thread Masataka Ohta
Ted Lemon wrote: No, Ohta-san. It _is_ more secure. Security is relative, not absolute. Are you really talking about relative security? If you are talking about security relative to the amount of operational effort (that is, money!!!), PODS is definitely more secure than DNSSEC.

Re: [DNSOP] Kaminsky on djbdns bugs (fwd)

2008-08-12 Thread Andrew Sullivan
[no hat] On Tue, Aug 12, 2008 at 12:00:09PM +0900, Masataka Ohta wrote: Social implementations of DNSSEC may be (or, considering its complexity, will always be) vulnerable to tampering from any person. This seems like a strong claim. Are you really just claiming that, because humans are

Re: [DNSOP] Kaminsky on djbdns bugs (fwd)

2008-08-12 Thread Ted Lemon
On Aug 11, 2008, at 11:00 PM, Masataka Ohta wrote: If you are talking about security relative to the amount of operational effort (that is, money!!!), PODS is definitely more secure than DNSSEC. I think if you were to try to explain this by presenting real-world statistical data to support

Re: [DNSOP] Kaminsky on djbdns bugs (fwd)

2008-08-12 Thread Dean Anderson
This message seems to answer many of the questions over the last few days. -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 -- Forwarded message -- Date: 10 Aug 2008 00:28:22 - From:

Re: [DNSOP] Kaminsky on djbdns bugs (fwd)

2008-08-12 Thread Dean Anderson
On Mon, 11 Aug 2008, Paul Wouters wrote: [Paul Wouters is a frequent NANOG poster.] DNSSEC has been deployed on large scale by some TLDs and RIRs already. It is very much operational. Not very much--99 domains out of 70 million in .com. Your argument would be stronger if you identified

Re: [DNSOP] Kaminsky on djbdns bugs (fwd)

2008-08-12 Thread Dean Anderson
On Tue, 12 Aug 2008, Mark Andrews wrote: TCP, port randomisation, 0x20, EDNS PING etc. all leave gaping holes in the security model which are being exploited today. I don't know of any TCP exploits today. Though TCP is not secure against anyone in the path of the packets, it's pretty

Re: [DNSOP] Kaminsky on djbdns bugs (fwd)

2008-08-12 Thread Joe Abley
On 12 Aug 2008, at 14:50, Dean Anderson wrote: On Tue, 12 Aug 2008, Mark Andrews wrote: TCP, port randomisation, 0x20, EDNS PING etc. all leave gaping holes in the security model which are being exploited today. I don't know of any TCP exploits today. Imagine being able to intercept