DNSSEC mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Jakob Schlyter <jakob@crt.se>
cc: Derek Atkins <warlord@MIT.EDU>, Edward Lewis <lewis@tislabs.com>, <dnssec@cafax.se>
From: Simon Josefsson <jas@extundo.com>
Date: Fri, 31 Aug 2001 17:29:55 +0200 (CEST)
Delivery-Date: Fri Aug 31 21:13:03 2001
In-Reply-To: <Pine.BSO.4.33.0108311648320.12076-100000@fonbella.crt.se>
Sender: owner-dnssec@cafax.se
Subject: Re: CERTificates and public keys

On Fri, 31 Aug 2001, Jakob Schlyter wrote:

> On 31 Aug 2001, Derek Atkins wrote:
>
> > CERT records _DO_NOT_ imply X.509.  A CERT record gives you the
> > ability to store key information in the DNS in parallel to the DNSSec
> > keying material.  This way a DNSSec client WILL NOT get confused.
>
> correct, but cert implies that it contains a public key and a signature.

Well, the CERT RR already discuss CRLs which isn't a signed public key.

It seems to me that the CERT RR is a everything-applications-might-want-
that-is-PKI-related RR.

Follow-Ups:
- Re: CERTificates and public keys
  - From: Jakob Schlyter <jakob@crt.se>

References:
- Re: CERTificates and public keys
  - From: Jakob Schlyter <jakob@crt.se>

Prev by Date: Re: CERTificates and public keys
Next by Date: Re: CERTificates and public keys
Prev by thread: Re: CERTificates and public keys
Next by thread: Re: CERTificates and public keys
Index(es):
- Date
- Thread

Home | Date list | Subject list