tcp/udp, clarification please

Kevin Darcy kcd at daimlerchrysler.com
Tue Oct 16 21:12:13 UTC 2001


those who know me have no need of my name wrote:

> <9q4bp5$6bs at pub3.rc.vix.com> divulged:
>
> >how would having no TCP access to my DNS servers prevent adoption of better
> >security tools?
>
> you've already been told, but i'll say it differently, in case it helps ...
> if you want others to be able to trust your server's responses you might
> want to deploy gsstsig.

Hmmm... Did you really mean "gsstsig" here? Or did you mean DNSSEC generically?
IMHO GSS-TSIG is *not* the future of DNS security, just an annoying dead-end...


- Kevin





More information about the bind-users mailing list