2013.02.20 22:07:33 (304336512839991296) from Daniel J. Bernstein, replying to "Tony Finch (@fanf)" (304316636289183746):
@fanf @colmmacc @matthew_d_green HTTPS/SSH/etc. use per-query crypto + trusted servers. DNSSEC/HTTPSEC claim no p-q c, no trusted servers.
2013.02.20 20:07:49 (304306378481213440) from "Colm MacCárthaigh (@colmmacc)", replying to "Tony Finch (@fanf)" (304305454123716608):
@fanf @hashbreaker @matthew_d_green DNS serves routing data, not content data.
2013.02.20 20:12:58 (304307676576358400) from "Tony Finch (@fanf)", replying to "Colm MacCárthaigh (@colmmacc)" (304306378481213440):
@colmmacc @hashbreaker @matthew_d_green and TLSA or SSHFP couple the DNS chain of trust to the content transport, so what's missing?
2013.02.20 20:36:07 (304313501508325377) from Daniel J. Bernstein, replying to "Tony Finch (@fanf)" (304307676576358400):
@fanf @colmmacc @matthew_d_green Those proposals destroy _all_ of the claimed advantages of DNSSEC+HTTPSEC while keeping the problems.
2013.02.20 20:48:34 (304316636289183746) from "Tony Finch (@fanf)":
@hashbreaker @colmmacc @matthew_d_green Have you already written an explanation I can read somewhere? The slides don't say.