[Dnssec-deployment] validating resolvers on smartphones

Jim Reid jim at rfc1035.com
Sat Aug 6 04:31:33 EDT 2011


On 6 Aug 2011, at 07:28, David Conrad wrote:

> A "postmodern smart phone" should use whatever resources is  
> necessary to provide its user with the performance and security the  
> user requires.  Today, my smartphone has 512MB of RAM. The FreeBSD  
> server I use to run a validating resolver also has 512MB RAM.  My  
> FreeBSD server actually has less non-volatile storage than my  
> smartphone.
>
> The issue of device capacity is a red herring.

Indeed. The CPU cycles for validation won't do nice things to battery  
life but this will be lost in the noise compared to the power guzzled  
by the screen or doing wi-fi. Or the apps that are making these DNS  
lookups. Besides, people with the new smartphones seem happy to  
recharge them every day.

BTW, the phones already have a crypto engine in them anyway. [It's in  
the chip that does the GSM/3G/LTE/whatever goop.] So with a bit of  
silicon real estate to do RSA and SHA and an API to this comms chip...


More information about the Dnssec-deployment mailing list