

To: Ted.Hardie@nominum.com
Cc: Keith Moore <moore@cs.utk.edu>, Edward Lewis <lewis@tislabs.com>, keydist@cafax.se
From: Derek Atkins <warlord@MIT.EDU>
Date: 09 Jan 2002 15:09:25 -0500
In-Reply-To: Ted Hardie's message of "Wed, 9 Jan 2002 11:10:52 -0800"
Sender: owner-keydist@cafax.se
Subject: Re: From whence we came...

Ted Hardie <Ted.Hardie@nominum.com> writes:

> I think this is a valid point.  The way I wrap that in my head is:
> 
> DNSSEC helps you to know that the materials you got from the wallet
> were the materials that the owner put in there.

What this means is that any key distribution mechanism needs to
support any random key-data formats.  As Mr. Richardson put it: the
keydist protocol needs to ship around typed blobs.  I define my blob
format, you define your blob format.  DNSSec provides the origin
authentication (and integrity protection) of the blobs.  However,
we leave "what the blob means" up to the applications.

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available
