Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] RFC: comments on discovery mechanisms

Jacob Appelbaum jacob at
Fri Dec 3 12:00:41 PST 2010

On 12/03/2010 02:48 PM, David-Sarah Hopwood wrote:
> DNSSEC might prevent forgery, but cannot prevent blocking.

This is my major point of frustration with DNSSEC. It is easy to provide
query privacy for clients and some important DNSSEC people don't
understand why this is important.

My attempts to discuss this with DNSSEC people usually ends in
frustration. They see no point in privacy for a user's queries if they
intend to directly connect to the site. Of course if the site has TLS,
the game changes and DNSSEC becomes the weakest privacy link.


All the best,

More information about the liberationtech mailing list