To:
jakob@crt.se
Cc:
ogud@ogud.com, dnssec@cafax.se, sra@hactrn.net
From:
Havard Eidnes <he@runit.no>
Date:
Thu, 26 Apr 2001 00:13:48 +0200
Delivery-Date:
Thu Apr 26 08:16:43 2001
In-Reply-To:
Your message of "Thu, 26 Apr 2001 00:04:51 +0200 (CEST)"<Pine.BSO.4.33.0104252358100.24513-100000@fonbella.crt.se>
Sender:
owner-dnssec@cafax.se
Subject:
Re: Keys at apex problem - New PUBKEY RR?
> > >$origin east.isi.edu.
> > >@ IN SOA ...
> > >@ NS ...
> > >@ A 38.245.76.2
> > >@ KEY <zone key>
> > >_ssh._tcp SRV 0 0 @
> > >_ssh._tcp KEY <ssh host key material>
> >
> > or it could be
> > _ssh._tcp SRV 0 0 ssh-key-name
> > and key would be stored at ssh-key-name
...
>
> using _ssh._tcp KEY seems cleaner, but I don't really see why
> we would need the protocol in the owner name. do applications
> have different keys for different protocols? if so, this could
> be useful.
That's how SRV keys are named. Quoting RFC 2782:
Here is the format of the SRV RR, whose DNS type code is 33:
_Service._Proto.Name TTL Class SRV Priority Weight Port Target
and the following sections define "Service" and "Proto".
Regards,
- Håvard