tsig

[Gamer]

>AFAIK, neither of those actually encrypt the *data* in the DNS packets.
>They just provide crypto-authentication. The purpose of DNS is to
>publish information, after all, so most of the security efforts are
>aimed at making the information *trustworthy* rather than indecipherable.

Ok, I agree, but the fact that someone could read all those records,
doesnt he get a
pretty good picture of the network infrastructure?
My concern is, if I would be admin of a very huge private network and
extern communication is only
possible via proxy servers.Which reasons could there be to implement
DNSSEC?