Not so: CA attestations in EV certs go further
-
-
NSEC/NSEC3 also require O(logN) tree lookups. O(1) hash is possible without.
-
Bottom line: DNSSEC does make DNS DDOS mitigation much harder.
- 4 more replies
New conversation -
-
-
TC for NS would be really bad for cache refresh (tho mitigated by prefetch)
-
and SRV is supposed to be for interactive use
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.