To:
Jakob Schlyter <jakob@crt.se>
Cc:
<dnssec@cafax.se>
From:
Randy Bush <randy@psg.com>
Date:
Fri, 11 May 2001 09:55:23 +0000
Delivery-Date:
Sat May 12 07:48:03 2001
Sender:
owner-dnssec@cafax.se
Subject:
Re: Keys at apex problem - New PUBKEY RR?
> I would say dns is very good at storing data that looks like, or could be > made to look like, a domain name. this logic leads to using it to replace the phone book. > with dnssec we have a secure, relative small and lightweight lookup > mechanism for things that looks like domain names so far, with dnssec, we have something that is complex, is not well understood, does not have a documented threat model, and is not yet deployable. why don't we pile more <bleep> on it to improve the situation? randy