DNSSEC mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Scott Rose <scottr@antd.nist.gov>
Cc: dnssec@cafax.se
From: Miek Gieben <miekg@nlnetlabs.nl>
Date: Thu, 19 Apr 2001 15:33:55 +0200
Delivery-Date: Thu Apr 19 20:31:00 2001
In-Reply-To: <004501c0c8d1$98211980$b9370681@antd.nist.gov>; from scottr@antd.nist.gov on Thu, Apr 19, 2001 at 09:06:48AM -0400
Sender: owner-dnssec@cafax.se
Subject: Re: Keys at apex problem - New PUBKEY RR?

On Thu, Apr 19, 2001 at 09:06:48AM -0400, Scott Rose wrote:
> A PUBKEY RR would look like the KEY RR now:  with a protocol and algorihtm
> field, but the flags would not be needed (or reduced).  I would assume the
> protocol using DNS to search for a public key would know how to interpret it
> in the reply.  The PUBKEY RR would be like the CERT RR now - separate from
> DNSSEC.  It could even be used without DNSSEC (I know, it wouldn't be smart
> to accept a key without a verified SIG).
why not used CERT then?

it looks to me if we're re-doing CERT records?

grtz Miek

Follow-Ups:
- Re: Keys at apex problem - New PUBKEY RR?
  - From: "Scott Rose" <scottr@antd.nist.gov>

References:
- Re: Keys at apex problem
  - From: Simon Josefsson <simon@josefsson.org>
- Re: Keys at apex problem
  - From: Jakob Schlyter <jakob@crt.se>
- Re: Keys at apex problem
  - From: Miek Gieben <miekg@nlnetlabs.nl>
- Re: Keys at apex problem - New PUBKEY RR?
  - From: "Scott Rose" <scottr@antd.nist.gov>

Prev by Date: Re: Keys at apex problem - New PUBKEY RR?
Next by Date: Re: Keys at apex problem
Prev by thread: Re: Keys at apex problem - New PUBKEY RR?
Next by thread: Re: Keys at apex problem - New PUBKEY RR?
Index(es):
- Date
- Thread

Home | Date list | Subject list