OpenDNS today announced it has adopted DNSCurve to secure DNS

Joe Baptista baptista at publicroot.org
Thu Feb 25 03:02:26 UTC 2010


On Wed, Feb 24, 2010 at 11:33 AM, Evan Hunt <each at isc.org> wrote:

> > Thats not the case with DNScurve. Again I stress - over 20 billion
> > requests per day at OpenDNS are DNScurve compatible. The traffic in
> > DNSSEC is chicken feed compared to DNScurve.
>
> ORG and GOV and quite a lot of the ccTLD's are "DNSSEC compatible", so I
> don't actually think it'd be much of a horserace if compatibility is all
> you're looking for.


I agree they are both DNSSEC compatible but .GOV has only deployed DNSSEC in
20% of it's zones. I'm not sure what the percentage is in .ORG - 5% ? less ?
is it even 1% of the zones? The make work project continues.

Thats what I like about DNScurve. No make work projects.

But I get your point.


>  What'll be interesting is how many queries the root
> and TLD servers start seeing for uz5*/NS.
>

It's going to be interesting to watch. I guess that depends on if DNSSEC is
turned on by default in BIND. Incidentally - is it?

regards
joe baptista
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100224/3c3f8aec/attachment.html>


More information about the bind-users mailing list