To:
Olafur Gudmundsson <ogud@ogud.com>
Cc:
<dnssec@cafax.se>, <sra@hactrn.net>
From:
Jakob Schlyter <jakob@crt.se>
Date:
Thu, 26 Apr 2001 00:04:48 +0200 (CEST)
Delivery-Date:
Thu Apr 26 08:16:42 2001
In-Reply-To:
<5.1.0.14.0.20010425103143.05382950@localhost>
Sender:
owner-dnssec@cafax.se
Subject:
Re: Keys at apex problem - New PUBKEY RR?
On Wed, 25 Apr 2001, Olafur Gudmundsson wrote: > > > Solution 3: KEY and _<app>.name KEY > > > cost: extra name for every application > > > extra NXT/NO set > > > 2 more signatures per key set. > > > drawbacks: same as 1. + the extra set > > > advantages: small keys sets (just like 2). > > > >I like this more and more. perhaps more realistic that 1. _app should be > >defined in a document per application, but that is needed anyway to > >describe the RDATA format > > in this case the regular KEY record is used. yes. > The open question is who gets to pick the name, working groups or IANA? I would suggest we use the same naming convention as for SRV, i.e. well known port numbers. in the KEY RR, we could use a protocol value of 0 (reserved) or 255 (All) since the protocol is already specified in the owner name. /Jakob -- Jakob Schlyter <jakob@crt.se> Network Analyst Phone: +46 31 701 42 13, +46 70 595 07 94 Carlstedt Research & Technology