[Berlin-wireless] encryption over open wifi

tomas at tuxteam.de tomas at tuxteam.de
Sa Apr 2 16:24:00 CEST 2022

On Sat, Apr 02, 2022 at 04:03:13PM +0200, Carsten Schiefner wrote:
> On 02.04.2022 13:21, tomas at tuxteam.de wrote:


> > That would be DNSSEC (it can't be TLS, DNS uses the wrong protocol
> > suite for that). It's not widespread, but it exists.
> Ahem...
> That does not appear to be entirely correct.

It is not.

> DNSSEC "only" protects the authenticity of the DNS data received - that e.g.
> is that the data has not been altered on its way from the server to the
> requestor. It still is full clear text and can be looked at by any
> interceptor between the server and the requestor.


You are totally right. Sorry for the confusion.

-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname   : signature.asc
Dateityp    : application/pgp-signature
Dateigröße  : 195 bytes
Beschreibung: nicht verfügbar
URL         : <https://lists.berlin.freifunk.net/pipermail/berlin/attachments/20220402/6547f6f4/attachment.sig>

Mehr Informationen über die Mailingliste Berlin