Re: Rechtswirksamkeit von Mails

* Detlef Bosau wrote:
Lutz Donnerhacke wrote:
* Wolfgang Ewert wrote:
Ok, bin ich eingestiegen, ich wollte auf die generelle Manipulierbarkeit
des DNS

DNSSEC ist seit sechs Jahren Standard.

Was wieder einmal die Frage nach der Glaubwürdigkeit und Authentizität
digitaler Signaturen aufwirft. Das mag jetzt pointiert klingen. Aber
solange hier Benutzern nicht vertraut ist, wie sie damit umzugehen
haben, nützen die mir nur sehr bedingt.

DNSSEC bietet Dir eine zentrale und administrativ gepflegte Infrastruktur.
Der Nutzer merkt davon genauso viel wie von bisherigem DNS.
Nur die Fälschungen sind weg.


Die ersten Root-Server delegieren Einträge für 'se.'.
.

Relevant Pages

  • RE: [fw-wiz] Allowing DNS servers to operate behind NetScreen 500
    ... currently relevant reason for DNS responses to be over 512 bytes in size. ... to a 'proposed standard' RFC and mentioned only DNSSEC as an example, ... use nym-based security, since there isn't any software that supports it. ...
    (Firewall-Wizards)
  • Re: [fw-wiz] DNS vs. Bernstein
    ... > using nym-based security and then discussed why it is not practical. ... I want to point out that ``DNSSEC requirements'' are not a credible reason ... simply the idea that names embed links to their keys. ... DNS names that look like ``rkjhf934f.sockpuppet.org''. ...
    (Firewall-Wizards)
  • Re: FreeBSD 7.1 and BIND exploit
    ... The problem is that _using_ DNSSEC requires configuration changes in ... an annoyance DNSSEC is, a friend of mine who used to work at Nominum ... DNS, for most people, is expected to be a "simple thing". ... servers are separate. ...
    (freebsd-stable)
  • RE: recursive DNS servers DDoS as a growing DDoS problem
    ... Especially dangerous when it's DNS which runs virtually every function on ... The control point is there already, as has been demonstrated by several ... That must be avoided and the end-to-end capability of the Internet ... At least one TLD has DNSSEC in production, ...
    (Bugtraq)