SoylentNews is people
SoylentNews
CloudFlare has released a new feature - Universal DNSSEC. For those unaware DNSSEC is an attempt to add a layer of trust to the Domain Name System, or DNS, by creating a chain of trust between the root domain and the TLD (Top Level Domain). This comes a few weeks removed from the open beta in which they claimed to have protected 150 million people and 21 billion web requests. How does the community feel about such an aggressive push for DNSSEC?
This discussion has been archived.
No new comments can be posted.
CloudFlare Launches Universal DNSSEC
|
Log In/Create an Account
| Top
| 10 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
When in panic, fear and doubt,
Drink in barrels, eat, and shout.
(Score: 0) by Anonymous Coward on Sunday November 15 2015, @06:12AM
I don't trust cloudflare because they now apparently hijack HTTPS and DNSSEC.
Ostensibly they have permisssion, but how am I as the average visitor supposed to know that?
(Score: 1, Insightful) by Anonymous Coward on Sunday November 15 2015, @06:42AM
What the hell are you talking about?
(Score: 0) by Anonymous Coward on Sunday November 15 2015, @06:54AM
Cloudflare works by doing a classic MITM attack on the "protected" website. The averge visitor has no way of knowing if cloudflare is really authorized to intercept the connection.
Amoung other things, the website stops working if you have JS disabled.
(Score: 1, Informative) by Anonymous Coward on Sunday November 15 2015, @07:00AM
OK, finally read TFA.
I looks like the DNSSEC initiative actually addresses my concerns by going through a third party (the registrar).
Sorry for assuming silly things.
(Score: 0) by Anonymous Coward on Monday November 16 2015, @04:51AM
Among other things, the "protected" web site and the Clownflare site stop working if you have referer blocked. Because only an EEeeeevil hacker would not want to be tracked by random third parties.