[Cryptography] Against against DNS (Re: New SSL/TLS certs to each live no longer than 47) days by 2029
Ron Garret
ron at flownet.com
Thu Apr 24 03:15:10 EDT 2025
> On Apr 23, 2025, at 5:17 PM, Bill Woodcock <woody at pch.net> wrote:
>
> So I care a lot about DNSSEC, because it’s something I can build a reasonably secure system with
How? That's not a rhetorical question, I'm genuinely curious. I get that secure DNS is better than insecure DNS. What I don't get is why you think that secure DNS *by itself* is *better* than CA certs.
rg
More information about the cryptography
mailing list