To:
George Michaelson <ggm@apnic.net>
Cc:
Edward Lewis <edlewis@arin.net>, Michael Richardson <mcr@sandelman.ottawa.on.ca>, dnsop@cafax.se
From:
Jakob Schlyter <jakob@crt.se>
Date:
Thu, 20 Mar 2003 00:57:04 +0100 (CET)
In-Reply-To:
<20030320051200.4f398ad8.ggm@apnic.net>
Sender:
owner-dnsop@cafax.se
Subject:
Re: Radical Surgery proposal: stop doing reverse for IPv6.
On Thu, 20 Mar 2003, George Michaelson wrote: > Unless I mis-read the Security directorate black hat view, its not permissable > to use DNSSEC keys to secure any other aspect of the Internet, apart from the > DNS itself. the KEY RR can only be used for DNSSEC itself. other RRs, like IPSECKEY, can contain keys. > So we'd be talking about an RR identifying a key, to be found in some other > context specific key distribution framework. Right? the IPSECKEY RR contains the actual key and what security gateway to use. jakob #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.