To: Olafur Gudmundsson <ogud@ogud.com>
Cc: <dnssec@cafax.se>, <sra@hactrn.net>
From: Jakob Schlyter <jakob@crt.se>
Date: Thu, 26 Apr 2001 00:04:48 +0200 (CEST)
Delivery-Date: Thu Apr 26 08:16:42 2001
In-Reply-To: <5.1.0.14.0.20010425103143.05382950@localhost>
Sender: owner-dnssec@cafax.se
Subject: Re: Keys at apex problem - New PUBKEY RR?

On Wed, 25 Apr 2001, Olafur Gudmundsson wrote:

> > > Solution 3: KEY and _<app>.name KEY
> > > cost:   extra name for every application
> > >          extra NXT/NO set
> > >          2 more signatures per key set.
> > > drawbacks: same as 1. + the extra set
> > > advantages: small key sets (just like 2).
> >
> >I like this more and more. Perhaps more realistic than 1. _app should be
> >defined in a document per application, but that is needed anyway to
> >describe the RDATA format
>
> in this case the regular KEY record is used.

yes.

> The open question is who gets to pick the name, working groups or IANA?

I would suggest we use the same naming convention as for SRV, i.e. well
known port numbers. In the KEY RR, we could use a protocol value of 0
(reserved) or 255 (All) since the protocol is already specified in the
owner name.

/Jakob

--
Jakob Schlyter <jakob@crt.se>                Network Analyst
Phone:  +46 31 701 42 13, +46 70 595 07 94   Carlstedt Research & Technology