tcp/udp, clarification please
Kevin Darcy
kcd at daimlerchrysler.com
Tue Oct 16 21:12:13 UTC 2001
those who know me have no need of my name wrote:
> <9q4bp5$6bs at pub3.rc.vix.com> divulged:
>
> >how would having no TCP access to my DNS servers prevent adoption of better
> >security tools?
>
> you've already been told, but i'll say it differently, in case it helps ...
> if you want others to be able to trust your server's responses you might
> want to deploy gsstsig.
Hmmm... Did you really mean "gsstsig" here? Or did you mean DNSSEC generically?
IMHO GSS-TSIG is *not* the future of DNS security, just an annoying dead-end...
- Kevin
More information about the bind-users
mailing list