In message <874c02a20906010608p3e7fbdd3wa31c9ea5452a7ab9@xxxxxxxxxxxxxx>, Joe Baptista writes: > On Mon, Jun 1, 2009 at 12:30 AM, Mark Andrews <marka@xxxxxxx> wrote: > > > > > If you believe that I have a bridge to sell you. > > > Keep the bridge - it's all yours. Remember - in order to sell the bridge > you first have to own it. Your convenced you have something to sell. I am > not. > > > > Totally different from DNSSEC. > > > > > > You can disagree all you want but it doesn't change the > > fact that DNSSEC and DNSCurve both have chains of trusts. > > The proponents of DNSCurve even say this. > > > > Note the chain of trust as described on > > http://www.dnscurve.org/tld.html/. > > > The correct URL is http://www.dnscurve.org/tld.html not > http://www.dnscurve.org/tld.html/ > > And yet again - it has nothing to do with chains of trust. It does learn > how to trust and whom to trust. Thats part of the job. What DNSCurve does > do is it "adds link-level public-key protection to DNS packets" therefore > guaranteeing the integrity of the packets end to end. DNSCurve protects authoritative server to iterative resolver if and only if you can authenticate the names of the nameservers and that they are supposed to be serving the zone you are querying against. If you can't do that then you are just talking to some random server using a cryptographic channel and you shouldn't be trusting the results. > Totally different from DNSSEC which indeed uses chains of trust - i.e. root > to tld to sld etc.etc. And DNSCurve uses chains of trust from root servers to tld servers to sld servers etc. etc. > I am totally amazed at the propaganda that comes out of ISC these days. > When you guys start comparing DNSSEC to DNSCurve - we'll - all I can say is > this - I have this really nice bridge on the Hudson I'd like to sell you > that will compliment the bridge you've already have. > cheers > joe baptista > > -- > Joe Baptista > > www.publicroot.org > PublicRoot Consortium > ---------------------------------------------------------------- > The future of the Internet is Open, Transparent, Inclusive, Representative & > Accountable to the Internet community @large. > ---------------------------------------------------------------- > Office: +1 (360) 526-6077 (extension 052) > Fax: +1 (509) 479-0084 > > Personal: www.joebaptista.wordpress.com > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@xxxxxxx _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf