To:
Derek Atkins <warlord@MIT.EDU>
cc:
Keith Moore <moore@cs.utk.edu>, Steve Hanna <steve.hanna@sun.com>, Simon Josefsson <simon+keydist@josefsson.org>, Edward Lewis <lewis@tislabs.com>, keydist@cafax.se
From:
Keith Moore <moore@cs.utk.edu>
Date:
Mon, 14 Jan 2002 19:06:38 -0500
In-reply-to:
Your message of "14 Jan 2002 18:52:26 EST." <sjmvge4qymd.fsf@kikki.mit.edu>
Sender:
owner-keydist@cafax.se
Subject:
Re: looking for draft volunteers
> I must admit my knowledge of NAPTR isn't very good, so if you need to > make 'A' querries after you receive your NAPTR response, then I > suppose you could obtain the key's that way. So long as NAPTR is > signed by DNSSec (and the A and key records are too), then you've got > the equivalent of a secure referral in two or three round-trips > instead of one. you need to make both SRV and A (or AAAA) queries after NAPTR. (or they can be returned as additional information). and you might have multiple levels of NAPTR record before you get referred to an SRV. > > > Why should you trust the information you get from e.g. www.mit.edu? > > > > since I don't currently use that information for anything critical > > or sensitive, I don't currently need to trust it. > > True, but that wasn't the point. replace "mit.edu" with some site > that you _do_ use for information retreival. What about > "www.cnn.com", for example? I *assume* that everything cnn.com says is bogus. :) Offhand, I can't think of an information source on the net that I trust to any significant degree, at least, not without some external support. (Best example I can think of - before I bought my airplane I trusted aopa.org to give me an estimate of its value. But I also compared that estimate with prices for similar aircraft listed in a couple of print publications. In retrospect, I probably placed too much trust in aopa's estimation service. But at least I had validation of the high-order bits.) Keith