OpenDNS today announced it has adopted DNSCurve to secure DNS
Sam Wilson
Sam.Wilson at ed.ac.uk
Wed Feb 24 17:42:06 UTC 2010
In article <mailman.608.1267031100.21153.bind-users at lists.isc.org>,
Chris Thompson <cet1 at cam.ac.uk> wrote:
> On Feb 24 2010, Evan Hunt wrote:
>
> >> Thats not the case with DNScurve. Again I stress - over 20 billion
> >> requests per day at OpenDNS are DNScurve compatible. The traffic in
> >> DNSSEC is chicken feed compared to DNScurve.
> >
> >ORG and GOV and quite a lot of the ccTLD's are "DNSSEC compatible", so I
> >don't actually think it'd be much of a horserace if compatibility is all
> >you're looking for. What'll be interesting is how many queries the root
> >and TLD servers start seeing for uz5*/NS.
>
> If OpenDNS really believe that DNScurve is the way of the future, why
> don't they have such NS records for opendns.com?
And what effect will 54-character names for nameservers have when the
description recommends against using TCP or UDP with packets longer than
512 bytes (EDNS0, anyone?).
Actually the idea of encoding your public key your name, whilst
superficially neat, sounds like a killer to me. How will I ever
remember which server is which?
Has anyone found any uz5* servers out there yet?
Sam
More information about the bind-users
mailing list