LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

DNSCurve: an alternative to DNSSEC

DNSCurve: an alternative to DNSSEC

Posted Jul 9, 2009 8:15 UTC (Thu) by Tobu (subscriber, #24111)
Parent article: DNSCurve: an alternative to DNSSEC

A few criticisms of DNSCurve from Stéphane Bortzmeyer's blog:

  • The encryption algorithm is hard-coded in the protocol. Not many algorithms are suitable due to limits on record length.
  • DNSCurve secures the conduit, not the message. It can't be used to protect against malicious caches, and isn't a functionnal equivalent to DNSSEC.

(Log in to post comments)

DNSCurve: an alternative to DNSSEC

Posted Jul 13, 2009 12:48 UTC (Mon) by alankila (subscriber, #47141) [Link]

The elliptic curve is defined on function y² = x³ + 486662 * x² + x. Since it contains the number of the beast, and everyone will need to use this number before they can do commerce on the internet, I predict that this technology will not be adopted.

DNSCurve: an alternative to DNSSEC

Posted Jul 13, 2009 15:00 UTC (Mon) by foom (subscriber, #14868) [Link]

Just call it 0x76d06 and all will be well. :)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds