GreenEngineering3475@lemmy.world to Technology@lemmy.worldEnglish · 8 days agoThe Disappearance of an Internet Domainevery.toexternal-linkmessage-square85fedilinkarrow-up1307arrow-down16
arrow-up1301arrow-down1external-linkThe Disappearance of an Internet Domainevery.toGreenEngineering3475@lemmy.world to Technology@lemmy.worldEnglish · 8 days agomessage-square85fedilink
minus-squareinterdimensionalmeme@lemmy.mllinkfedilinkEnglisharrow-up1·6 days agoAll of them, find one that responds an answer valid for my local saved key. The DNS server is no longer an authority on its own, just your keyring matters.
minus-squareinterdimensionalmeme@lemmy.mllinkfedilinkEnglisharrow-up1arrow-down1·6 days agoThe certificate authorities on my ring that I trust. For normal people that’s already included in their OS or browser
minus-squareNicolaHaskell@lemmy.worldlinkfedilinkEnglisharrow-up1·21 hours agoSo, an authority? It sounds like this would complicate DNSSEC by requiring the “root keys” to be stored outside the DNS itself.
minus-squareinterdimensionalmeme@lemmy.mllinkfedilinkEnglisharrow-up1·15 hours agoWe already have to have key rings. Centralized DNS is just a second, superfluous layer of authority (and a massive grift) on top
All of them, find one that responds an answer valid for my local saved key.
The DNS server is no longer an authority on its own, just your keyring matters.
Who issued the key?
The certificate authorities on my ring that I trust. For normal people that’s already included in their OS or browser
So, an authority? It sounds like this would complicate DNSSEC by requiring the “root keys” to be stored outside the DNS itself.
We already have to have key rings. Centralized DNS is just a second, superfluous layer of authority (and a massive grift) on top