You do not think an attack shall be prevented, for the user's best interest ? We... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		JackSlateur on Feb 16, 2024 \| parent \| context \| favorite \| on: Just one bad packet can bring down a vulnerable DN... You do not think an attack shall be prevented, for the user's best interest ? We shall just let the man-in-the-middle go on, transparently ? I do not agree with you.

mike_d on Feb 19, 2024 [–]

No, I think that is very important which is why I fight against DNSSEC.

Have a look at DNSCurve, it solves many of the problems DNSSEC was attempting to address but with proper transport security. We implemented this at OpenDNS back in 2010 so it would opportunistically use it if available.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact