Y
Hacker News
new
|
ask
|
show
|
jobs
by
quickthrower2
915 days ago
Which leads us back to needing caching, which needs a signatory, and a list of trusted signatory, which gets us back to certificate authorities. Gotcha :-).
1 comments
stephenr
915 days ago
Caching is something DNS already has in-hand.
link
quickthrower2
915 days ago
Using a distributed MITM system!
https://www.cloudflare.com/en-au/learning/dns/dns-cache-pois...
link
stephenr
914 days ago
Perhaps you're unaware, but that problem can be largely mitigated by DNSSEC, which is why it's considered a requirement to make DANE practical.
link