[Cryptography] Preliminary review of the other Applied Cryptography
Guido Witmond
guido at witmond.nl
Mon Apr 14 06:02:46 EDT 2014
On 04/14/14 07:55, Viktor Dukhovni wrote:
> On Sun, Apr 13, 2014 at 12:08:42PM -0400, ianG wrote:
>
>>> Of course all of this is predicated on the notion that the DNSSEC
>>> last-mile problems will be solved, which may require pressure for
>>> them to be solved, which may require some non-trivial adoption, a
>>> catch-22 perhaps.
>> What is the DNSSEC last-mile problem? It's the week for displaying
>> ignorance, seemingly.
>
> DNSSEC works fine on the Internet backbone, but is not yet widely
> compatible with "last-mile" networks. Various hotel, airport,
> coffee-shop captive portals, behind some firewalls, ...
I wonder how big a problem this is, most of the jet-set already have
VPN-tunnels to their corporate back office. Or they tether using their
smart phone, routing around the broken portal.
In my limited hotel-hopping experience, the more expensive the hotel,
the more likely to see crappy portals. Cheap hotels just give you their
guest password.
Don't wait until the theoretical roadblocks are gone, other people will
take those out when they experience them.
All the more reason to push browser vendors to implement
DNSSEC-validation into their Products. This will show that those portals
are 'defective'.
This last-mile problem will solve itself.
Regards, Guido Witmond
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140414/c8ab179d/attachment.pgp>
More information about the cryptography
mailing list