tcp/udp, clarification please

Kevin Darcy kcd at
Tue Oct 16 21:12:13 UTC 2001

those who know me have no need of my name wrote:

> <9q4bp5$6bs at> divulged:
> >how would having no TCP access to my DNS servers prevent adoption of better
> >security tools?
> you've already been told, but i'll say it differently, in case it helps ...
> if you want others to be able to trust your server's responses you might
> want to deploy gsstsig.

Hmmm... Did you really mean "gsstsig" here? Or did you mean DNSSEC generically?
IMHO GSS-TSIG is *not* the future of DNS security, just an annoying dead-end...

- Kevin

More information about the bind-users mailing list