[Dnssec-deployment] validating resolvers on smartphones
jim at rfc1035.com
Sat Aug 6 04:31:33 EDT 2011
On 6 Aug 2011, at 07:28, David Conrad wrote:
> A "postmodern smart phone" should use whatever resources is
> necessary to provide its user with the performance and security the
> user requires. Today, my smartphone has 512MB of RAM. The FreeBSD
> server I use to run a validating resolver also has 512MB RAM. My
> FreeBSD server actually has less non-volatile storage than my
> The issue of device capacity is a red herring.
Indeed. The CPU cycles for validation won't do nice things to battery
life but this will be lost in the noise compared to the power guzzled
by the screen or doing wi-fi. Or the apps that are making these DNS
lookups. Besides, people with the new smartphones seem happy to
recharge them every day.
BTW, the phones already have a crypto engine in them anyway. [It's in
the chip that does the GSM/3G/LTE/whatever goop.] So with a bit of
silicon real estate to do RSA and SHA and an API to this comms chip...
More information about the Dnssec-deployment