To:
"Edward Lewis" <lewis@tislabs.com>, "Derek Atkins" <warlord@MIT.EDU>
Cc:
<keydist@cafax.se>
From:
"James Seng/Personal" <jseng@pobox.org.sg>
Date:
Fri, 11 Jan 2002 14:58:54 +0800
Sender:
owner-keydist@cafax.se
Subject:
Re: looking for draft volunteers
One way to look at it is this: AppKeys - Keys that is used by "software applications" "Software applications" include software for users and also software which build up the infrastructure. -James Seng ----- Original Message ----- From: "Derek Atkins" <warlord@MIT.EDU> To: "Edward Lewis" <lewis@tislabs.com> Cc: <keydist@cafax.se> Sent: Friday, January 11, 2002 5:18 AM Subject: Re: looking for draft volunteers > Ahh. > > To me, I define "application keys" to mean "keys used by > non-DNS code." Notice I left out the word "application" > here. Perhaps we should call them "non-DNS code keys"? > > Seriously, ipsec _is_ an application. (bind is an application, too). > The point of the exercise is to come up with other applications, > infrastructure, systems, what-have-you that need keying information > and to see whether DNS can provide that keying information in a > reasonable manner. Perhaps not all applications, infrastructure, > systems, what-have-you can use a DNS-based key distribution > infrastructure, but some (like ipsec and ssh) certainly could. > > Really, the question is, "what is a name"? Perhaps ipsec is not > considered an application to most people (I would argue that SSH -IS- > considered an application, even if it's part of core infrastructure). > The term "application key" was used to distinguish from a "DNSSec KEY" > used to sign DNS records. If you can come up with another term that > can (or should) be used instead, please suggest one. > > I certainly believe that ipsec and ssh count as users of this > technology, whatever it happens to be called. > > -derek > > Edward Lewis <lewis@tislabs.com> writes: > > > At 3:57 PM -0500 1/10/02, Derek Atkins wrote: > > >Edward Lewis <lewis@tislabs.com> writes: > > > > > >> (As was pointed out, IPsec isn't an application.) > > > > > >Where was this pointed out? Did I miss some message somewhere? > > > > http://www.cafax.se/keydist/maillist/2002-01/msg00006.html > > > > Referring to: > > #At 11:18 AM -0500 1/3/02, Michael Richardson wrote: > > #> Finally, this discussion about "application" keys is somewhat silly. > > #> > > #> In the case of IPsec and SSH we do not believe that they are applications > > #>to anyone other than the DNS folks. Many operations people consider these > > #>protocols to be *infrastructure*. If the fundamental security protocols do > > #>not work, then the Internet does not work. > > > > There are already 160+ messages floating on the list in less than a month. > > How can any one be missed. ;) -- Spoken as one who is drowning in > > duplicate copies... > > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > Edward Lewis NAI Labs > > Phone: +1 443-259-2352 Email: lewis@tislabs.com > > > > Opinions expressed are property of my evil twin, not my employer. > > > > > > -- > Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory > Member, MIT Student Information Processing Board (SIPB) > URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH > warlord@MIT.EDU PGP key available