

To: Keith Moore <moore@cs.utk.edu>
Cc: keydist@cafax.se
From: Greg Hudson <ghudson@MIT.EDU>
Date: 10 Jan 2002 00:07:51 -0500
In-Reply-To: <200201092038.g09Kc3i24977@astro.cs.utk.edu>
Sender: owner-keydist@cafax.se
Subject: Re: RESCAP/RC: an alternative to key distribution using DNS

On Wed, 2002-01-09 at 15:38, Keith Moore wrote:
> Since people seem to be interested in using DNS to distribute keying
> material, I thought I'd suggest a (somewhat) concrete alternative.

I'm becoming a little frustrated by the argument that goes:

  1. People shouldn't axiomatically trust DNSSEC.
  2. ???
  3. Therefore, we should use this other method which precludes using
     a DNSSEC signature chain to verify application keys.

where "this other method" is usually a SRV or NAPTR referral to some
other protocol.  How do people go from "not axiomatically" to "never?"

(I am perfectly happy with a referral to another protocol, as long as
that referral includes something--even something as small as a key
fingerprint--which can allow DNSSEC trust to be chained onto application
keys.  Just in case people decide, not axiomatically, that they want to
trust that, or to use it for additional verification.  I believe a key
fingerprint can be shoehorned into NAPTR with the definition of a new
flag.)
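The verification step the parenthetical sketches, as an added example that is not part of this message or the keydist thread: a NAPTR referral carries a key fingerprint, the application fetches the key over the referred-to protocol, and the fingerprint is checked before deciding how much the DNS answer is allowed to vouch for the key. The "K" flag and the `sha256=<hex>` token in the service field are hypothetical (no RFC defines them; they stand in for the "new flag" the message speculates about), and the key blob and record text are constructed sample data.

```python
import hashlib
import hmac
import re
import shlex
from dataclasses import dataclass
from enum import Enum
from typing import Optional


@dataclass(frozen=True)
class Naptr:
    """One NAPTR RDATA in RFC 2915 field order."""
    order: int
    preference: int
    flags: str
    service: str
    regexp: str
    replacement: str


# Hypothetical flag (not defined by any RFC): "K" marks a referral whose
# service field also carries "sha256=<hex>" for the key the referred-to
# protocol is expected to hand back.
KEY_FLAG = "K"
FP_RE = re.compile(r"(?:^|;)sha256=([0-9a-fA-F]{64})(?:;|$)")


class Trust(Enum):
    CHAINED = "DNSSEC-validated referral and fingerprint matches"
    MATCH_UNVALIDATED = "fingerprint matches but referral was not DNSSEC-validated"
    NO_FINGERPRINT = "referral carries no fingerprint; key is unverified"
    MISMATCH = "fingerprint does not match the retrieved key"


def parse_naptr(rdata: str) -> Naptr:
    """Parse presentation-format RDATA such as
    '100 10 "K" "x-keyfetch;sha256=..." "" keys.example.net.'
    shlex handles the quoted fields, including an empty regexp ("")."""
    order, pref, flags, service, regexp, replacement = shlex.split(rdata)
    return Naptr(int(order), int(pref), flags, service, regexp, replacement)


def fingerprint_from_record(rec: Naptr) -> Optional[bytes]:
    """Return the fingerprint the referral vouches for, or None if absent."""
    if KEY_FLAG not in rec.flags.upper():
        return None
    m = FP_RE.search(rec.service)
    return bytes.fromhex(m.group(1)) if m else None


def key_fingerprint(key: bytes) -> bytes:
    return hashlib.sha256(key).digest()


def verify_referred_key(rec: Naptr, key: bytes, dnssec_validated: bool) -> Trust:
    """Decide how much the DNS referral lets us trust a key fetched over the
    referred-to protocol. A mismatch is always a rejection; a match only
    chains trust when the referral itself validated under DNSSEC, otherwise
    it is merely additional evidence."""
    expected = fingerprint_from_record(rec)
    if expected is None:
        return Trust.NO_FINGERPRINT
    if not hmac.compare_digest(expected, key_fingerprint(key)):
        return Trust.MISMATCH
    return Trust.CHAINED if dnssec_validated else Trust.MATCH_UNVALIDATED


# Constructed sample data: a fake key blob and the referral that names it.
SAMPLE_KEY = b"-----BEGIN PUBLIC KEY-----\nconstructed-sample-key\n-----END PUBLIC KEY-----\n"
SAMPLE_RDATA = (
    f'100 10 "K" "x-keyfetch;sha256={key_fingerprint(SAMPLE_KEY).hex()}" '
    f'"" keys.example.net.'
)
PLAIN_RDATA = '100 10 "S" "x-keyfetch" "" keys.example.net.'


def demo() -> dict:
    """Run the four outcomes against the constructed records."""
    rec = parse_naptr(SAMPLE_RDATA)
    plain = parse_naptr(PLAIN_RDATA)
    return {
        "chained": verify_referred_key(rec, SAMPLE_KEY, dnssec_validated=True),
        "unvalidated": verify_referred_key(rec, SAMPLE_KEY, dnssec_validated=False),
        "mismatch": verify_referred_key(rec, SAMPLE_KEY + b"tampered", True),
        "no_fp": verify_referred_key(plain, SAMPLE_KEY, True),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:12s} -> {outcome.name}: {outcome.value}")
```

The four-way outcome is the point: a verifier that does not "axiomatically" trust DNSSEC can still reject a key whose fingerprint disagrees with the referral, and can treat a match as extra corroboration even when the referral was not validated, without being forced to rely on DNSSEC for anything.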

