DNSSEC mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Dan Massey <masseyd@isi.edu>
Cc: <dnssec@cafax.se>
From: Jakob Schlyter <jakob@crt.se>
Date: Tue, 4 Sep 2001 19:13:16 +0200 (MEST)
In-Reply-To: <20010904095757.A19055@bb.nge.isi.edu>
Sender: owner-dnssec@cafax.se
Subject: Re: CERTificates and public keys

On Tue, 4 Sep 2001, Dan Massey wrote:

> Perhaps instead of asking to reserve type 22 from the KEY record, why not
> reserve type 4 of the CERT record and use this for "Generic Public Key".
> You could then store your ssh key in this record.

not considering the issue with storing a raw public key inside a
certificate, I think this is a bad idea. the protocol field is there for a
reason and we should use it. the name could be used as well to limit the
size of the answer rrset, but I do no longer believe that putting the
protocol only in the owner name is a good idea.

	jakob

References:
- Re: CERTificates and public keys
  - From: Dan Massey <masseyd@isi.edu>

Prev by Date: Re: CERTificates and public keys
Next by Date: Re: CERTificates and public keys
Prev by thread: Re: CERTificates and public keys
Next by thread: RE: CERTificates and public keys
Index(es):
- Date
- Thread

Home | Date list | Subject list