Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Your rebuttal would be a lot more convincing if it were more specific. For example:

> DNSSEC is Cryptographically Weak Nope, it isn't.

So you're saying that 1024-bit RSA keys are just dandy? You're saying that PKCS1v15 padding is a good idea?



DNSSEC does not mandate any cryptography algorithm. Why are you associating it with 1024 bit RSA? (I know, because some article appeared here that claimed it was limited to this. It isn't, and most roots do not use it.)


No article claimed that DNSSEC was limited to RSA-1024, and you clearly haven't looked at the roots recently.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: