OpenDNS today announced it has adopted DNSCurve to secure DNS
Joe Baptista
baptista at publicroot.org
Thu Feb 25 03:02:26 UTC 2010
On Wed, Feb 24, 2010 at 11:33 AM, Evan Hunt <each at isc.org> wrote:
> > Thats not the case with DNScurve. Again I stress - over 20 billion
> > requests per day at OpenDNS are DNScurve compatible. The traffic in
> > DNSSEC is chicken feed compared to DNScurve.
>
> ORG and GOV and quite a lot of the ccTLD's are "DNSSEC compatible", so I
> don't actually think it'd be much of a horserace if compatibility is all
> you're looking for.
I agree they are both DNSSEC compatible but .GOV has only deployed DNSSEC in
20% of it's zones. I'm not sure what the percentage is in .ORG - 5% ? less ?
is it even 1% of the zones? The make work project continues.
Thats what I like about DNScurve. No make work projects.
But I get your point.
> What'll be interesting is how many queries the root
> and TLD servers start seeing for uz5*/NS.
>
It's going to be interesting to watch. I guess that depends on if DNSSEC is
turned on by default in BIND. Incidentally - is it?
regards
joe baptista
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100224/3c3f8aec/attachment.html>
More information about the bind-users
mailing list