1 post • joined 6 Apr 2007
DNSSEC has nothing to do with SSL!
Just because DNSSEC is about "Security", you've jumped to the conclusion that this has something to do with the US spying on you. These keys have nothing to do with encryption keys, just like your car key can't open the door to your house.
The point of DNSSEC is to assure that when you go to www.yourbank.com or www.yourcreditcard.com that you aren't at a spoofed site that's trying to steal your identity. It assures that the site's name was resolved through a trusted DNS server. That's it. Nothing more.
Having that key doesn't allow them to unencrypt SSL communications or any kind of coded communications. And the only thing they could do with it is to redirect an entire top-level-domain (.com, .org, etc.) and try to get that redirect to propagate throughout the entire Internet name servers. Do you seriously think that could happen without anyone noticing? And even if they did, what would it accomplish? What would be the point? And if they ever did try it, all an ISP would have to do is ignore the DNSSEC certificates. Everything would work exactly as it does now.
The Internet is what it is today because of not just the US's inventions, but also of it's largely hands-off attitude toward management. If you think the Internet would be better off with China, Brazil, Myanmar, or Zimbabwe managing it, good luck with that.
- JLaw, Kate Upton exposed in celeb nude pics hack
- Google flushes out users of old browsers by serving up CLUNKY, AGED version of search
- GCHQ protesters stick it to British spooks ... by drinking urine
- China: You, Microsoft. Office-Windows 'compatibility'. You have 20 days to explain
- Something for the Weekend, Sir? If you think 3D printing is just firing blanks, just you wait