SourceAllegations regarding DNSSEC's ability to help nosey intelligence agencies were levelled by Thomas Ptacek, founder of Matasano Security, earlier this year. Ptacek's blogpost alleged that DNSSEC was unnecessary, a government-controlled public key infrastructure, cryptographically weak, expensive to adopt, expensive to deploy, unsafe, incomplete, and architecturally unsound.
Ptacek also stated that "DNSSEC doesn't have to happen."
If you’re running systems carefully today, no security problem you have gets solved by deploying DNSSEC. But lots of other problems — software maintenance, network operations, user support, protecting your secrets from NSA/GCHQ — get harder.
It is not only CloudFlare disagreeing with Ptacek, however. Zachary Lym, the lead UX engineer at Namecoin, wrote in response that "DNSSEC is vital to the security of the internet" and offered a counterpoint to each of Ptacek's claims.
Industry news items concerning VPNs, darknets, crypto, surveillance and secure computing.
1 post • Page 1 of 1