David Conrad wrote:
Given that it is pretty easy to predict a subset of the queries a
given server will issue in a give time frame, using SCTP can improve
reliability better than adding another 32bit random number.
1) It isn't easy
What did your mail server look up after receiving this message?
2) That's not what DNSSEC does (if that's what you're implying).
It's what the patch has reinforced. SCTP is more secure than the
patched bind, yet easier than DNSSEC. (Or, if you prefer to avoid
SCTP, it is less secure than DNSSEC, and more difficult than patching
bind.)
This is why dnscurve is just an academic experiment that can never
leave the lab for the real world.
IMHO, avoiding to base the Internet on an encumbered algorithm is
another good reason :-/
Huh? What are you talking about?
http://en.wikipedia.org/wiki/ECC_patents
https://datatracker.ietf.org/ipr/1154/
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf