To: Richard Shockey <rshockey@ix.netcom.com>
Cc: keydist@cafax.se, smb@research.att.com, jis@MIT.EDU
From: Simon Josefsson <simon+keydist@josefsson.org>
Date: Fri, 04 Oct 2002 03:50:20 +0200
In-Reply-To: <5.1.0.14.2.20021003205924.01d38320@popd.ix.netcom.com> (Richard Shockey's message of "Thu, 03 Oct 2002 21:15:27 -0400")
Sender: owner-keydist@cafax.se
User-Agent: Gnus/5.090008 (Oort Gnus v0.08) Emacs/21.2 (i386-debian-linux-gnu)
Subject: Re: I intend to have a document ready for Atlanta on this subject.

Richard Shockey <rshockey@ix.netcom.com> writes:

> Actions by the DNS Extensions WG in bringing forward for Proposed
> Standard "Limiting the Scope of the KEY Resource Record"
> [RESTRICT-KEY] clearly signal the consensus in the IETF that
> applications SHOULD NOT directly use the DNS for the storage of keys.

The text in the draft claimed that this signal should not be inferred. (The existence of the draft in the first place sends such a signal though, since the KEY RR was designed to hold application keys.)

Otherwise I like your text (I agree with Greg Hudson's comments though).

The position that we should wait for deployed implementation of opportunistic security before it is standardized in the IETF seems strange to me. If that happened, there would be no need for standardization. We have had prototype implementations of these concepts for several years now, and some experimental deployment of them too. Standardization of the concepts is what is lacking, not implementations.