To:
Olafur Gudmundsson <ogud@ogud.com>
Cc:
<dnssec@cafax.se>
From:
Jakob Schlyter <jakob@crt.se>
Date:
Sun, 29 Apr 2001 02:47:54 +0200 (MEST)
Delivery-Date:
Tue May 1 10:47:13 2001
In-Reply-To:
<5.1.0.14.0.20010427201509.00a5cec0@localhost>
Sender:
owner-dnssec@cafax.se
Subject:
Re: Keys at apex problem - New PUBKEY RR?
On Fri, 27 Apr 2001, Olafur Gudmundsson wrote: > >do we have to (or rather should we) specify this or would this be up to > >the application to decide? > > My vote would be for applications to decide but in the document > that describes how to write a definition this would be an issue to be > specified. that seems fair. > >if the srv record redirects to several hosts, should all hosts be forced > >to have the same host key? a better solution could be to first look up the > >key at the srv record first (if used) and, if not found, fall back to the > >keys at the host selected. > > I assume this is the operation you are proposing for SSH ? yes, is seems like the resonable thing to do. jakob