On 25 Feb 2010, at 14:14, Tony Finch wrote: On Thu, 25 Feb 2010, Sabahattin Gucukoglu wrote: >> I'm thinking that maybe there's something in having DNSCurve be used for >> one leg of the journey, between customer and cache. > > That won't work because DNScurve gets its key from the server name, but > recursive servers are configured by IP address not by name. We would have to initialise clients, perhaps with a local DHCP option, giving the initial key. I don't see how you get full trust any other way. Cheers, Sabahattin _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf