To:
Derek Atkins <warlord@MIT.EDU>
Cc:
keydist@cafax.se
From:
Paul Hoffman / IMC <phoffman@imc.org>
Date:
Tue, 8 Jan 2002 10:18:41 -0800
In-Reply-To:
<sjm666dy1g8.fsf@indiana.mit.edu>
Sender:
owner-keydist@cafax.se
Subject:
Re: Definitions of keys and certs
At 10:19 PM -0500 1/7/02, Derek Atkins wrote: >While technically true, generally 'certificate' implies a single blob. >In the case of a 'bare public key that you will only trust if you >trust a public key that has signed it', at least in the case of >DNSSEC, is not a certificate in the conventional sense of the word >because the KEY and SIG are separable blobs. Which cryptographically >this may be considered a certificate, operationally it is far from it. Right: operationally they are larger and often take two round trips instead of one to deliver. This is a feature? --Paul Hoffman, Director --Internet Mail Consortium