[Pdns-users] Rough internet draft

Ardo van Rangelrooij avrangelrooij at alcatel-lucent.com
Fri Jun 13 15:33:37 UTC 2008


Duane wrote:
> Duane wrote:
>> Ardo van Rangelrooij wrote:
>>> Did you consider using IPsec?  Seems to be fitting the bill perfectly...
>> The amount of packets would be excessive in comparison, the ID I'm
>> putting together in some cases wouldn't have any more packets than a
>> regular DNS query.
> 
> Oh and regular DNS queries have the potential to leak a lot of information.

And using IPsec for those solve that issue also...

I am not saying that IPsec is the solution for all security issues but it has 
the big advantage that it is available now and works without requiring changes 
to existing software.

Thanks,
Ardo


More information about the Pdns-users mailing list