Alice Wonder wrote:
> On 04/27/2016 01:21 AM, Brandon Vincent wrote:
>> On Wed, Apr 27, 2016 at 1:10 AM, Rob Kampen <rkampen@xxxxxxxxxxxxxxxxx>
wrote:
>>> Sounds good, but how many domain MX servers have set up these
>>> fingerprint keys - 1%, maybe 2%, so how do you code for that? I guess
I'm thinking
>>> it uses it if available. So even if you do post it on your DNS, how
many clients out there are using DANE on their set up? By the time it
becomes more than a tiny % and generally useful, it will be in CentOS 8.
It
>>> also requires certificates to be implemented more ubiquitously than at
present - although we do now have affordable solutions, so this one may
resolve
>>> more quickly.
>>
> Security and Privacy on the Internet are both severely broken.
>
> If you read the white papers from when the Internet was first being
designed, security was rarely even mentioned.
<snip>
Just as a point of information, when those RFCs were written, the Internet
was *only* for US gov't, and selected research and educational
organizations, and NO ONE else. The open 'Net only came in in the nineties
- so security wasn't broken and insecure, back then there was physical
security and careful selection as to who was allowed on, at all.
mark
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
