dnssec

[Stephane Bortzmeyer]

On Sat, Jul 26, 2008 at 09:00:49PM -0700,
 D. Stussy <spam at bde-arc.ampr.org> wrote 
 a message of 15 lines which said:

> > The question is, what is the hang up?
> 
> A good, secondary reason is that the cost of authentication is privacy.  The
> implementation basically reveals the full contents of a zone, 

This is solved by NSEC 3 (RFC 5155), which will be in the next BIND
(9.6).

In the mean time, you can always use rate-limiting and walk-detection
techniques. ".se" apparently use them, I cannot enumerate the zone.