

To: Walt Howard <howard@eng.utah.edu>
Cc: ghudson@MIT.EDU, <jseng@pobox.org.sg>, <keydist@cafax.se>
From: Jakob Schlyter <jakob@crt.se>
Date: Fri, 12 Apr 2002 13:25:08 +0200 (CEST)
In-Reply-To: <200204100052.SAA10340@lab1-36.eng.utah.edu>
Sender: owner-keydist@cafax.se
Subject: Re: Let's assume DNS is involved

On Tue, 9 Apr 2002, Walt Howard wrote:

> On Sat, 6 Apr 2002 09:34:01 -0500, Greg Hudson wrote (in part):
> >   But you probably want to have multiple keys associated with a domain.
> > That means they either have to be of different types (see below), or
> > we'd have to do srv-style name mangling, which nobody in the DNS working
> > group is very happy about.
>
> I would like to see [a reference to] a list of reasons why srv-style
> names cause unhappiness.  I have subscribed to this list for a while,
> so a message-id is sufficient.

magic naming, which srv-style names are, isn't that beautiful. I'm
thinking more about using a combination of NAPTR & APPKEY, almost as in
draft-daigle-napstr-00.txt, e.g.:

host.example.com. NAPTR 1 10 "p" "APPKEY+ipsec" "" ipsec.host.example.com.
ipsec.host.example.com. APPKEY ...

this would:

a) limit the size of the RR for host.example.com.
b) remove the magic naming hack


	jakob

--
Jakob Schlyter <jakob@crt.se>                Network Analyst
Phone:  +46 31 701 42 13, +46 70 595 07 94   Carlstedt Research & Technology
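
The NAPTR indirection proposed in the message above, sketched from the client side as an added example (not part of the original message or of any draft): given a host and an application, find the owner name to query for APPKEY. The zone text is constructed; the "APPKEY+ssh" record and the function names are hypothetical, and selecting the lowest order, then the lowest preference, follows ordinary NAPTR processing.

```python
import shlex

# Constructed zone data: the two records from the message, plus one
# hypothetical "APPKEY+ssh" NAPTR to show selection by service.
ZONE = '''
host.example.com. NAPTR 1 10 "p" "APPKEY+ipsec" "" ipsec.host.example.com.
host.example.com. NAPTR 1 20 "p" "APPKEY+ssh" "" ssh.host.example.com.
ipsec.host.example.com. APPKEY ...
'''

def parse_naptr(zone_text):
    """Return the NAPTR records in zone_text as dicts; skip other types."""
    records = []
    for line in zone_text.strip().splitlines():
        fields = shlex.split(line)  # keeps the empty "" regexp as a field
        if len(fields) != 8 or fields[1].upper() != "NAPTR":
            continue
        owner, _, order, pref, flags, service, regexp, replacement = fields
        records.append({
            "owner": owner.lower(),
            "order": int(order),
            "pref": int(pref),
            "flags": flags.lower(),
            "service": service.lower(),
            "regexp": regexp,
            "replacement": replacement.lower(),
        })
    return records

def appkey_owner(zone_text, host, app):
    """Name to query for the APPKEY of `app` on `host`, or None."""
    wanted = ("APPKEY+" + app).lower()
    matches = [
        r for r in parse_naptr(zone_text)
        if r["owner"] == host.lower()
        and r["service"] == wanted
        and r["flags"] == "p"      # flag value as used in the message
        and r["regexp"] == ""      # plain replacement, no rewrite rule
    ]
    if not matches:
        return None                # application not published for this host
    # Lowest order wins; preference breaks ties within the same order.
    best = min(matches, key=lambda r: (r["order"], r["pref"]))
    return best["replacement"]

if __name__ == "__main__":
    for app in ("ipsec", "ssh", "tls"):
        print(app, "->", appkey_owner(ZONE, "host.example.com.", app))
```

The keys live at the replacement name, so the RRset at host.example.com. grows by one short NAPTR per application rather than by one key per application, and the client never constructs a mangled owner name itself.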

