And DNSSEC is a step backwards, now that we've eliminated RSA-1024 form CA ecosystem
1/ online signing is much more expensive than an O(1) lookup so point is moot
-
-
2/ offline key is literally the only crypto advantage DNSSEC has - and you throw it away?
-
DNSSEC needs to have offline for root and com, not universally. Engineering tradeoffs.
- 1 more reply
New conversation -
-
-
Engineering tradeoffs -- there's operational costs to getting that O(1) that have own O
-
to put it bluntly you can undermodel a problem and get the wrong O()
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.