DNSSEC mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "Scott Rose" <scottr@antd.nist.gov>
Cc: <dnssec@cafax.se>
From: Derek Atkins <warlord@MIT.EDU>
Date: 04 Sep 2001 12:56:26 -0400
In-Reply-To: "Scott Rose"'s message of "Tue, 4 Sep 2001 10:28:11 -0400"
Sender: owner-dnssec@cafax.se
Subject: Re: CERTificates and public keys

"Scott Rose" <scottr@antd.nist.gov> writes:

> If the application is relying on DNS to provide the data/origin
> authentication, then a KEY (or APPKEY?  or some other method) should be
> used.

No, a KEY record should ONLY be used for DNSSec keys.  No application
keys should be put into KEY records.

-derek
-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available

Follow-Ups:
- Re: CERTificates and public keys
  - From: Edward Lewis <lewis@tislabs.com>
- Re: CERTificates and public keys
  - From: Jakob Schlyter <jakob@crt.se>

References:
- Re: CERTificates and public keys
  - From: Dan Massey <masseyd@isi.edu>
- Re: CERTificates and public keys
  - From: "Scott Rose" <scottr@antd.nist.gov>

Prev by Date: Re: CERTificates and public keys
Next by Date: Re: CERTificates and public keys
Prev by thread: Re: CERTificates and public keys
Next by thread: Re: CERTificates and public keys
Index(es):
- Date
- Thread

Home | Date list | Subject list