Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] decentralized DNS... What's the state of DNSSEC implementation by those on this list.. ?

Seth David Schoen schoen at
Thu Mar 15 06:54:59 PDT 2012

Bill Woodcock writes:

> Governments are sovereign, when they want to take something, they can
> do so. That won't change. Making it very clear what's been hijacked
> versus what is legitimate, on the other hand, is well within the
> capabilities of technology, and exactly the point of DNSSEC. If
> a domain has been hijacked, I'm going to look elsewhere for the
> legitimate data, regardless of who did the hijacking, or why they
> thought it was reasonable. That's the point of DNSSEC.

DNSSEC has little relevance to the threats that motivated this thread,
because it doesn't help if you disagree with the registry about what
"hijacked" and "legitimate" mean.  There are lots of real Internet
threats that DNSSEC mitigates -- where you _do_ want to know what the
registry thinks and someone else wants to interfere or substitute
their view for the registry's -- but if you think the registry can
be wrong (or is wrong!), DNSSEC can't help you.

Seth Schoen  <schoen at>
Senior Staff Technologist             
Electronic Frontier Foundation        
454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107

More information about the liberationtech mailing list