To:
Ted.Hardie@nominum.com
Cc:
Keith Moore <moore@cs.utk.edu>, Edward Lewis <lewis@tislabs.com>, keydist@cafax.se
From:
Derek Atkins <warlord@MIT.EDU>
Date:
09 Jan 2002 15:09:25 -0500
In-Reply-To:
Ted Hardie's message of "Wed, 9 Jan 2002 11:10:52 -0800"
Sender:
owner-keydist@cafax.se
Subject:
Re: From whence we came...
Ted Hardie <Ted.Hardie@nominum.com> writes: > I think this is a valid point. The way I wrap that in my head is: > > DNSSEC helps you to know that the materials you got from the wallet > were the materials that the owner put in there. What this means is that any key distribution mechanism needs to support any random key-data formats. As Mr. Richardson put it: the keydist protocol needs to ship around types blobs. I define my blob format, you define your blob format. DNSSec provides the origin authentication (and integrity protection) of the blobs. However we leave "what the blob means" up to the applications. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH warlord@MIT.EDU PGP key available