Maintained by: NLnet Labs

[Unbound-users] [Bulk] Re: Insisting on DNSSEC

Kevin Chadwick
Tue Jan 14 19:35:30 CET 2014


previously on this list Rick van Rein contributed:

> I’d like to trust the signed portion of DNS, and build security systems on top of that.

You might want to bear in mind certainly for future proofing being able
to differentiate signed 768 bit RSA from ECC signed responses.

-- 
_______________________________________________________________________

'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'

(Doug McIlroy)

In Other Words - Don't design like polkit or systemd
_______________________________________________________________________