DJB about NSEC3
DNSSEC reduces existing confidentiality by publishing the complete list of
"secured" DNS records. This publication is integrated into the DNSSEC
protocol; it is independent of classic "zone transfers" and cannot be
disabled by administrators. The "NSEC3" variant of DNSSEC attempts to
reduce this exposure but is almost always breakable.
(source: [url]http://dnscurve.org/dnssec.html[/url] retrieved Tuesday, september
2nd, 9:31 am BST)
I'd like to have more information how the "NSEC3" variant of DNSSEC is
almost always breakable? I'd like to know how to interpret "almost always
to unsubscribe send a message to [email]email@example.com[/email] with
the word 'unsubscribe' in a single line as the message text body.