Bug #175
Security (DNSsec) could be used to verify package updates
New
Normal
Evan Hunt
Description
Security (DNSsec) could be used to verify package updates among other things.History
Updated by Dave Täht on Jul 10, 2011.
I hope to get around to signing bufferbloat.net shortly. That gets me to
being able to use it from an update system that uses wget by default.
Updated by Michael Graff on Aug 23, 2011.
Just because the domain name to IP address mapping is secure, that does
not mean the TCP connection will not be trapped by some transparent
proxy sitting in an ISP or that your data was received unmodified…
Might be better to create a certificate authority, and install it in the router itself, so you can make truly secure TLS connections.
Updated by Dave Täht on Aug 24, 2011.
A problem is every CA seemingly has to be slightly different to handle a
vpn, a web site, etc. but I’d dearly like to do this.
Updated by Dave Täht on Sep 1, 2011.
Updated by Jim Gettys on Sep 20, 2011.
Updated by Dave Täht on Apr 21, 2012.
This is a static export of the original bufferbloat.net issue
database. As such, no further commenting is possible; the
information is solely here for archival purposes.
Cerowrt Project
Recent Updates
Find us elsewhere
Bufferbloat Mailing Lists
#bufferbloat on Twitter
Google+ group
Archived Bufferbloat pages from the Wayback Machine
Nlnet Foundation
Shuttleworth Foundation
GoFundMe
Congestion Control Blog
Flent Network Test Suite
Sqm-Scripts
The Cake shaper
AQMs in BSD
IETF AQM WG
CeroWrt (where it all started)
Jim Gettys' Blog - The chairman of the Fjord
Toke's Blog - Karlstad University's work on bloat
Voip Users Conference - Weekly Videoconference mostly about voip
Candelatech - A wifi testing company that "gets it".
#bufferbloat on Twitter
Google+ group
Archived Bufferbloat pages from the Wayback Machine
Sponsors
Comcast Research Innovation FundNlnet Foundation
Shuttleworth Foundation
GoFundMe
Bufferbloat Related Projects
OpenWrt ProjectCongestion Control Blog
Flent Network Test Suite
Sqm-Scripts
The Cake shaper
AQMs in BSD
IETF AQM WG
CeroWrt (where it all started)
Network Performance Related Resources
Jim Gettys' Blog - The chairman of the Fjord
Toke's Blog - Karlstad University's work on bloat
Voip Users Conference - Weekly Videoconference mostly about voip
Candelatech - A wifi testing company that "gets it".