[Berlin-wireless] encryption over open wifi
tomas at tuxteam.de
tomas at tuxteam.de
Sa Apr 2 16:24:00 CEST 2022
On Sat, Apr 02, 2022 at 04:03:13PM +0200, Carsten Schiefner wrote:
> On 02.04.2022 13:21, tomas at tuxteam.de wrote:
[...]
> > That would be DNSSEC (it can't be TLS, DNS uses the wrong protocol
> > suite for that). It's not widespread, but it exists.
>
> Ahem...
>
> That does not appear to be entirely correct.
It is not.
> DNSSEC "only" protects the authenticity of the DNS data received - that e.g.
> is that the data has not been altered on its way from the server to the
> requestor. It still is full clear text and can be looked at by any
> interceptor between the server and the requestor.
[...]
You are totally right. Sorry for the confusion.
Cheers
--
t
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname : signature.asc
Dateityp : application/pgp-signature
Dateigröße : 195 bytes
Beschreibung: nicht verfügbar
URL : <https://lists.berlin.freifunk.net/pipermail/berlin/attachments/20220402/6547f6f4/attachment.sig>
Mehr Informationen über die Mailingliste Berlin