DNSSEC mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Jakob Schlyter <jakob@crt.se>
Cc: Olafur Gudmundsson <ogud@ogud.com>, Havard Eidnes <he@runit.no>, <dnssec@cafax.se>, <sra@hactrn.net>
From: Randy Bush <randy@psg.com>
Date: Thu, 26 Apr 2001 09:26:17 -0700
Delivery-Date: Thu Apr 26 21:54:01 2001
Sender: owner-dnssec@cafax.se
Subject: Re: Keys at apex problem - New PUBKEY RR?

> srv will not help us relocating key. naptr could be used to point out
> where to find keys or certificates, but it would give us something like a
> chicken and egg problem. we need the key and cert in dns to bootstrap
> other protocols (that maybe uses naptr to find its data).

one can look at it a different way.  you want to use naptr to securely find
services that you then wish to use in a secure fashion.  so should it really
become napstr (pun intended), and have key data embedded?

randy

References:
- Re: Keys at apex problem - New PUBKEY RR?
  - From: Randy Bush <randy@psg.com>
- Re: Keys at apex problem - New PUBKEY RR?
  - From: Jakob Schlyter <jakob@crt.se>

Prev by Date: Re: Keys at apex problem - New PUBKEY RR?
Next by Date: Re: Keys at apex problem - New PUBKEY RR?
Prev by thread: Re: Keys at apex problem - New PUBKEY RR?
Next by thread: Re: Keys at apex problem - New PUBKEY RR?
Index(es):
- Date
- Thread

Home | Date list | Subject list